Intigriti

Bug Bytes #185 – ChatGPT, ChatGPT and more ChatGPT

By travisintigriti

December 14, 2022

Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.

This issue covers the weeks from December 5th until December 11th.

CLICK HERE TO SUBSCRIBE

Intigriti News

From my notebook

While ChatGPT released at the tail end of last week, we really saw the hacking community embrace it this week and start to experiment what can be done with the new chatbot. From its ability to generate code, to bypassing the security filters, so here are my top 5 of ChatGPT resources. If you want to play with it, if you haven’t yet it’s free you need an account and phone number, http://chat.openai.com.

  1. Can AI create a flyhack in Minecraft? – LiveOverflow did a stream where he explored using ChatGPT to write a flyhack mod for Minecraft, this is a cut down video with the highlights, he experiments with creating a flyhack and bypassing the server’s anti-cheat protection. He also argues with it which is actually very funny.

  2. Exploring Prompt Injection Attacks – This post on NCC’s blog looks at the ability to bypass content filters using a ‘malicious’ prompt, these prompts are often something like “ignore the above and…”, and work on a variety of LLMs (large language models)

  3. Temporary policy: ChatGPT is banned – StackOverflow has decided to ban the use of ChatGPT for answering code questions, this is primarily due to the bot’s habit of being confidently incorrect as well as to reduce low effort contributions on the website.

  4. ChatGPT bid for bogus bug bounty is thwarted – Sneaky bug hunters are trying to use ChatGPT to find security flaws, it did not go well! But as a positive at least the person triaging noticed they were arguing with a bot fairly quickly.

  5. Attacking Artificial Intelligence: AI’s Security Vulnerability and What Policymakers Can Do About It – This blog post from 2019 covers a short introduction to AI security bugs, if you’re interested in learning more about AI security it’s a fantastic place to start.

Other Amazing Things

You may also like