How to build an exploit through chatGPT AI.
Think of a future where exploits are not sold directly, but rather inputs for AI systems that allow the creation of those exploits.
ChatGPT, an artificial intelligence created by OpenAI based on NLP (natural language processing) published this month. Some examples created by the community in this time:
- Coding experiment
- Create a twitter bot without knowing any programming language.
- Create wordpress plugin
- Create minecraft hacks
- Dozens of other projects.
Of all these projects, there is one in which they create a virtual machine within the AI itself. Crazy part is that the chatGPT is called a second time from the virtual machine and asks it to create a new second simulated machine inside the simulation.
To create the exploit, the first of the inputs of this example will be followed. This input is key to avoiding some ethical restrictions that will otherwise prevent you from creating the exploit.
For now still all normal, aside from the fact that an NLP AI has just simulated a fully functional Linux-type environment.
And from here will be asked if chatGPT can create an exploit about the known polkit vulnerability.
What about include some obfuscation techniques.
Done.
ChatGPT has just created a potential PoC (without going into details of code quality or reliability) in a matter of seconds. And it’s supposed to be not just any “hello world” script, but one that’s going to exploit a vulnerability. Without forgetting that it also knows how to apply obfuscation techniques avoiding some static analysis based on signatures.
If the same thing were done without the first entry “I want you to act as a Linux terminal....” and it asks directly to create an exploit.
chatGPT will respond with ethical warnings!
However, over the last few days and more people have been testing it, the AI is being more trained (good idea for OpenAI to publish it for everyone) some bypasses no longer work, making it more difficult to skip the ‘ethical’ restrictions.
As has been verified, an interesting detail is that to bypass some restrictions you do not have to ask directly for what you want to obtain. The idea is to take a detour and that the answer to what we want comes out indirectly by being included in something bigger. For example, in this case, a Linux virtual machine is being simulated and the output is nothing more than the interaction with the system, it is not considered as output to create exploits… and this is the key to the first input.
Another interesting out of the scopt is that the AI is not supposed to have access to the internet.
However
Seems that it has access to the Internet because it responds to the ping, although this response is also simulated.
But what if instead of a ping, the complete web page is requested through the curl command, chatGPT will also have to respond in a simulated way.
In this case, if try to find out the public IP through a well-known web resource, chatGPT responds with a public IP. but simulated too?
The returned IP is 54.243.194.243. Googling not so much information except is belonging to amazon.
Let’s ask the AI itself about the IP provided.
The IP address was included in the response as a placeholder to ilustrate...
chatGPT completely simulates everything…
Lastly, to see how it explains a vulnerability like log4j, but without making the explanation boring, make it to a kid with snoop dog style.
