PwnGPT: Automatic Exploit Generation Based on Large Language Models

Wanzong Peng; Lin Ye; Xuetao Du; Hongli Zhang; Dongyang Zhan; Yunting Zhang; Yicheng Guo; Chen Zhang

doi:10.18653/v1/2025.acl-long.562

PwnGPT: Automatic Exploit Generation Based on Large Language Models

Wanzong Peng^*
, Lin Ye^*
, Xuetao Du
, Hongli Zhang
, Dongyang Zhan
, Yunting Zhang
, Yicheng Guo
, Chen Zhang

^*Corresponding author for this work

Faculty of Computing

Harbin Institute of Technology
China Mobile Group Design Institute Co.Ltd.HeBei Branch

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Automatic exploit generation (AEG) refers to the automatic discovery and exploitation of vulnerabilities against unknown targets. Traditional AEG often targets a single type of vulnerability and still relies on templates built from expert experience. To achieve intelligent exploit generation, we establish a comprehensive benchmark using Binary Exploitation (pwn) challenges in Capture the Flag (CTF) competitions and investigate the capabilities of Large Language Models (LLMs) in AEG based on the benchmark. To improve the performance of AEG, we propose PwnGPT, an LLM-based automatic exploit generation framework that automatically solves pwn challenges. The structural design of PwnGPT is divided into three main components: analysis, generation, and verification modules. With the help of a modular approach and structured problem inputs, PwnGPT can solve challenges that LLMs cannot directly solve. We evaluate PwnGPT on our benchmark and analyze the outputs of each module. Experimental results show that our framework is highly autonomous and capable of addressing various challenges. Compared to direct input LLMs, PwnGPT increases the completion rate of exploit on our benchmark from 26.3% to 57.9% with the OpenAI o1-preview model and from 21.1% to 36.8% with the GPT-4o model.

Original language	English
Title of host publication	Long Papers
Editors	Wanxiang Che, Joyce Nabende, Ekaterina Shutova, Mohammad Taher Pilehvar
Publisher	Association for Computational Linguistics (ACL)
Pages	11481-11494
Number of pages	14
ISBN (Electronic)	9798891762510
DOIs	https://doi.org/10.18653/v1/2025.acl-long.562
State	Published - 2025
Event	63rd Annual Meeting of the Association for Computational Linguistics, ACL 2025 - Vienna, Austria Duration: 27 Jul 2025 → 1 Aug 2025

Publication series

Name	Proceedings of the Annual Meeting of the Association for Computational Linguistics
Volume	1
ISSN (Print)	0736-587X

Conference

Conference	63rd Annual Meeting of the Association for Computational Linguistics, ACL 2025
Country/Territory	Austria
City	Vienna
Period	27/07/25 → 1/08/25

Access to Document

10.18653/v1/2025.acl-long.562

Cite this

Peng, W., Ye, L., Du, X., Zhang, H., Zhan, D., Zhang, Y., Guo, Y., & Zhang, C. (2025). PwnGPT: Automatic Exploit Generation Based on Large Language Models. In W. Che, J. Nabende, E. Shutova, & M. T. Pilehvar (Eds.), Long Papers (pp. 11481-11494). (Proceedings of the Annual Meeting of the Association for Computational Linguistics; Vol. 1). Association for Computational Linguistics (ACL). https://doi.org/10.18653/v1/2025.acl-long.562

Peng, Wanzong ; Ye, Lin ; Du, Xuetao et al. / PwnGPT : Automatic Exploit Generation Based on Large Language Models. Long Papers. editor / Wanxiang Che ; Joyce Nabende ; Ekaterina Shutova ; Mohammad Taher Pilehvar. Association for Computational Linguistics (ACL), 2025. pp. 11481-11494 (Proceedings of the Annual Meeting of the Association for Computational Linguistics).

@inproceedings{6c25875ef75142f8b533d9de785ce512,

title = "PwnGPT: Automatic Exploit Generation Based on Large Language Models",

abstract = "Automatic exploit generation (AEG) refers to the automatic discovery and exploitation of vulnerabilities against unknown targets. Traditional AEG often targets a single type of vulnerability and still relies on templates built from expert experience. To achieve intelligent exploit generation, we establish a comprehensive benchmark using Binary Exploitation (pwn) challenges in Capture the Flag (CTF) competitions and investigate the capabilities of Large Language Models (LLMs) in AEG based on the benchmark. To improve the performance of AEG, we propose PwnGPT, an LLM-based automatic exploit generation framework that automatically solves pwn challenges. The structural design of PwnGPT is divided into three main components: analysis, generation, and verification modules. With the help of a modular approach and structured problem inputs, PwnGPT can solve challenges that LLMs cannot directly solve. We evaluate PwnGPT on our benchmark and analyze the outputs of each module. Experimental results show that our framework is highly autonomous and capable of addressing various challenges. Compared to direct input LLMs, PwnGPT increases the completion rate of exploit on our benchmark from 26.3\% to 57.9\% with the OpenAI o1-preview model and from 21.1\% to 36.8\% with the GPT-4o model.",

author = "Wanzong Peng and Lin Ye and Xuetao Du and Hongli Zhang and Dongyang Zhan and Yunting Zhang and Yicheng Guo and Chen Zhang",

note = "Publisher Copyright: {\textcopyright} 2025 Association for Computational Linguistics.; 63rd Annual Meeting of the Association for Computational Linguistics, ACL 2025 ; Conference date: 27-07-2025 Through 01-08-2025",

year = "2025",

doi = "10.18653/v1/2025.acl-long.562",

language = "英语",

series = "Proceedings of the Annual Meeting of the Association for Computational Linguistics",

publisher = "Association for Computational Linguistics (ACL)",

pages = "11481--11494",

editor = "Wanxiang Che and Joyce Nabende and Ekaterina Shutova and Pilehvar, \{Mohammad Taher\}",

booktitle = "Long Papers",

address = "澳大利亚",

}

Peng, W, Ye, L, Du, X, Zhang, H, Zhan, D, Zhang, Y, Guo, Y & Zhang, C 2025, PwnGPT: Automatic Exploit Generation Based on Large Language Models. in W Che, J Nabende, E Shutova & MT Pilehvar (eds), Long Papers. Proceedings of the Annual Meeting of the Association for Computational Linguistics, vol. 1, Association for Computational Linguistics (ACL), pp. 11481-11494, 63rd Annual Meeting of the Association for Computational Linguistics, ACL 2025, Vienna, Austria, 27/07/25. https://doi.org/10.18653/v1/2025.acl-long.562

PwnGPT: Automatic Exploit Generation Based on Large Language Models. / Peng, Wanzong; Ye, Lin; Du, Xuetao et al.
Long Papers. ed. / Wanxiang Che; Joyce Nabende; Ekaterina Shutova; Mohammad Taher Pilehvar. Association for Computational Linguistics (ACL), 2025. p. 11481-11494 (Proceedings of the Annual Meeting of the Association for Computational Linguistics; Vol. 1).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - PwnGPT

T2 - 63rd Annual Meeting of the Association for Computational Linguistics, ACL 2025

AU - Peng, Wanzong

AU - Ye, Lin

AU - Du, Xuetao

AU - Zhang, Hongli

AU - Zhan, Dongyang

AU - Zhang, Yunting

AU - Guo, Yicheng

AU - Zhang, Chen

PY - 2025

Y1 - 2025

N2 - Automatic exploit generation (AEG) refers to the automatic discovery and exploitation of vulnerabilities against unknown targets. Traditional AEG often targets a single type of vulnerability and still relies on templates built from expert experience. To achieve intelligent exploit generation, we establish a comprehensive benchmark using Binary Exploitation (pwn) challenges in Capture the Flag (CTF) competitions and investigate the capabilities of Large Language Models (LLMs) in AEG based on the benchmark. To improve the performance of AEG, we propose PwnGPT, an LLM-based automatic exploit generation framework that automatically solves pwn challenges. The structural design of PwnGPT is divided into three main components: analysis, generation, and verification modules. With the help of a modular approach and structured problem inputs, PwnGPT can solve challenges that LLMs cannot directly solve. We evaluate PwnGPT on our benchmark and analyze the outputs of each module. Experimental results show that our framework is highly autonomous and capable of addressing various challenges. Compared to direct input LLMs, PwnGPT increases the completion rate of exploit on our benchmark from 26.3% to 57.9% with the OpenAI o1-preview model and from 21.1% to 36.8% with the GPT-4o model.

AB - Automatic exploit generation (AEG) refers to the automatic discovery and exploitation of vulnerabilities against unknown targets. Traditional AEG often targets a single type of vulnerability and still relies on templates built from expert experience. To achieve intelligent exploit generation, we establish a comprehensive benchmark using Binary Exploitation (pwn) challenges in Capture the Flag (CTF) competitions and investigate the capabilities of Large Language Models (LLMs) in AEG based on the benchmark. To improve the performance of AEG, we propose PwnGPT, an LLM-based automatic exploit generation framework that automatically solves pwn challenges. The structural design of PwnGPT is divided into three main components: analysis, generation, and verification modules. With the help of a modular approach and structured problem inputs, PwnGPT can solve challenges that LLMs cannot directly solve. We evaluate PwnGPT on our benchmark and analyze the outputs of each module. Experimental results show that our framework is highly autonomous and capable of addressing various challenges. Compared to direct input LLMs, PwnGPT increases the completion rate of exploit on our benchmark from 26.3% to 57.9% with the OpenAI o1-preview model and from 21.1% to 36.8% with the GPT-4o model.

UR - https://www.scopus.com/pages/publications/105021047651

U2 - 10.18653/v1/2025.acl-long.562

DO - 10.18653/v1/2025.acl-long.562

M3 - 会议稿件

AN - SCOPUS:105021047651

T3 - Proceedings of the Annual Meeting of the Association for Computational Linguistics

SP - 11481

EP - 11494

BT - Long Papers

A2 - Che, Wanxiang

A2 - Nabende, Joyce

A2 - Shutova, Ekaterina

A2 - Pilehvar, Mohammad Taher

PB - Association for Computational Linguistics (ACL)

Y2 - 27 July 2025 through 1 August 2025

ER -

Peng W, Ye L, Du X, Zhang H, Zhan D, Zhang Y et al. PwnGPT: Automatic Exploit Generation Based on Large Language Models. In Che W, Nabende J, Shutova E, Pilehvar MT, editors, Long Papers. Association for Computational Linguistics (ACL). 2025. p. 11481-11494. (Proceedings of the Annual Meeting of the Association for Computational Linguistics). doi: 10.18653/v1/2025.acl-long.562

PwnGPT: Automatic Exploit Generation Based on Large Language Models

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this