Quote:
Originally Posted by Shub-Nigurrath
Also.
1. Find open Ollama servers, using for example shodan command line or the following script Ollama Hunter (which by the way you should update to the new shodan APIs — don’t be dumb, just ask an LLM to do it for you)
2. Alternatively use shodan — shodan count port:11434 product:"Ollama" country:XX where XX is your country code
3. In this case the shodan command line is — https://help.shodan.io/command-line-interface/0-installation
4. Whatever way you follow you need a shodan key, or the polito cookie. You can find one with a bit of Google dork — es. look here https://www.exploit-db.com/google-hacking-database
5. Connects to the Ollama that are open via chatbot AI or similar apps and of course using a VPN and you’re done
6. Use bigger models
Ollama Hunter is a Python tool that searches Shodan for publicly exposed Ollama LLM instances running on port 11434, and retrieves the list of available models from each host.
This tool is designed for researchers, security analysts, and red teamers who want to map the exposure of open LLM endpoints on the internet.
https://github.com/saadi1995/ollama-hunter
|
Isn't this basically stealing from innocent users who do not have enough knowledge to secure their Ollama instances?
Inferences which use GPU are not cheap and can run the bill up to thousands of dollars in some cases. That too, you are suggesting the use of bigger models (more expensive for the user)!
Downloading and using pirated software does not directly harm the end user but stealing paid compute of innocent people in this way is plain unethical and nothing but stealing...
