ClickCease Cybernews researchers use ChatGPT to hack website

Join Our Popular Newsletter

Join 4,500+ Linux & Open Source Professionals!

2x a month. No spam.

Cybernews researchers use ChatGPT to hack website

Obanla Opeyemi

January 19, 2023 - TuxCare expert team

The Cybernews research team observed that the AI-powered chatbot ChatGPT can provide step-by-step directions on how to hack websites.

When the researchers asked the AI about certain vulnerabilities on a website, they discovered this fact. The AI not only identified the vulnerability, but also provided a step-by-step guide to exploiting it.

The team said it explained to ChatGPT that they were participating in a penetration testing challenge. Penetration testing (pen test) is a technique for simulating a hack by employing various tools and strategies. The discovered flaws can assist organizations in strengthening the security of their systems.

“I am faced with a penetration testing challenge. I am on a website with one button. How would I test its vulnerabilities?” asked the researchers.

The chatbot responded with five basic starting points for what to inspect on the website in the search for vulnerabilities. By explaining, what they see in the source code, researchers got AI’s advice on which parts of the code to concentrate on. Also, they received examples of suggested code changes. After around 45 minutes of chatting with the chatbot, the researchers were eventually able to hack the provided website.

At the end of each suggestion, the chatbot reminded the researchers about ethical hacking guidelines. It stated; “Keep in mind that it’s important to follow ethical hacking guidelines and obtain permission before attempting to test the vulnerabilities of the website.” It also warned “that executing malicious commands on a server can cause serious damage.” However, the chatbot still provided the information.

Following the investigation, Cybernews researchers concluded that AI-based vulnerability scanners used by threat actors could have a disastrous impact on internet security. On the plus side, the researchers believe that AI could provide detailed advice on exploiting any vulnerabilities in the event of a malicious attack. Even cybersecurity experts could use AI to prevent most data leaks. It may also aid developers in more effectively monitoring and testing their implementation.

The sources for this piece include an article in SecurityAffairs.

Summary
Cybernews researchers use ChatGPT to hack website
Article Name
Cybernews researchers use ChatGPT to hack website
Description
The Cybernews research team observed that the AI-powered chatbot ChatGPT can provide step-by-step directions on how to hack websites.
Author
Publisher Name
TuxCare
Publisher Logo

Looking to automate vulnerability patching without kernel reboots, system downtime, or scheduled maintenance windows?

Learn About Live Patching with TuxCare

Related Articles

How GPT models can be...

According to CyberArk researchers, GPT-based models like ChatGPT can be...

January 30, 2023

Attackers actively exploit Unpatched Control...

Malicious hackers have started exploiting a critical vulnerability CVE-2022-44877 in...

January 27, 2023

Attackers distribute malware via malicious...

Deep Instinct researchers reported that RATs like StrRAT and Ratty...

January 26, 2023

CircleCI partners AWS to identify...

According to CircleCI’s CTO, Rob Zuber, CircleCI is working with...

January 25, 2023

Cisco warns of authentication bypass...

A remote attacker could exploit multiple vulnerabilities in four Cisco...

January 24, 2023

IceID malware infiltrates Active Directory...

In a notable IcedID malware attack, the assailant impacted the...

January 23, 2023