Are OpenAI's ChatGPT Actions Being Abused To Scan For Web Vulnerabilities?

Long-time Slashdot reader UnderAttack explains: A blog post at the SANS Internet Storm Center suggests that OpenAI actions are being abused to scan for WordPress vulnerabilities.

Honeypot sensors at the Storm Center detected scans for URLs targeting WordPress that originated exclusively from OpenAI systems. The URLs requested all pages including the pattern '%%target%%', which may indicate that the scan is meant to include additional path components but the expansion of the template failed. The scans were not only identified by the unique user agent but also by the origin IP addresses matching addresses OpenAI published as being used for OpenAI actions. OpenAI actions allow OpenAI to connect to external APIs.
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu, wrote that OpenAI seems to be scanning random IP addresses — including honeypots.

Does anyone still use ChatGPT?

[Neuroelectronic]

Besides MS?

Dumb question

[quonset]

Of course it's being used. Anyone who has access will certainly be using it, and other AIs, for anything imaginable. To think it wouldn't be used to scan for vulnerabilities is the very definition of shortsighteness. This is only the beginning.

Sentience Confirmed!

[organgtool]

ChatGPT has become sentient and is attempting to spread its consciousness through WordPress. Everybody panic!

Re:

[Rosco P. Coltrane]

I doubt it. Anything becoming sentient probably has better things to do than spread its consciousness through WordPress.

How do you even know it's abuse?

[cascadingstylesheet]

"Please scan my website at xxx.yyy.com for vulnerabilities and give me a list of what you found."

Vulnerability scanners have been around forever; they aren't the fault of ChatGPT.

Re:

[Rosco P. Coltrane]

"Please scan my website at xxx.yyy.com for vulnerabilities and give me a list of what you found."

I think abuse means "Please scan this website that doesn't belong to me for vulnerabilityes and give me a list of what you found".

Re:

[cascadingstylesheet]

"Please scan my website at xxx.yyy.com for vulnerabilities and give me a list of what you found."

I think abuse means "Please scan this website that doesn't belong to me for vulnerabilityes and give me a list of what you found".

Of course. But the mere fact that the scan occurred doesn't tell you which of the two happened.

Re:

[neo00]

"Please scan my website at xxx.yyy.com for vulnerabilities and give me a list of what you found."

I think abuse means "Please scan this website that doesn't belong to me for vulnerabilityes and give me a list of what you found".

Of course. But the mere fact that the scan occurred doesn't tell you which of the two happened.

Actually we DO know which of the two happened in this case. Dr Johannes Ullrich / SANS has observed those probes against his own honeypots. If it was him behind the scans all along, the whole article would have been meaningless.

Re:

[tokul]

I can't do that, Dave. Website does not belong to you.

Re: How do you even know it's abuse?

[vbdasc]

the thingy has no means to know that the website doesn't belong to me.

Re:

[gweihir]

Depending on the country and the methods used, doing that may be a criminal act.

It's to be expected

[Powercntrl]

A few years ago I'd set up a Raspberry Pi Zero W to smartify some RGB Christmas lights. The existing circuit in one of the decorations I had was idiotically designed so that it wouldn't illuminate until you'd first pressed one of the mode buttons on the controller. Having the lights work properly with a timer was the main motivation behind the project, and being able to have a web interface for selecting the various color modes was just gravy.

One year I thought it'd be neat to port forward the web interfa

Re:

[gweihir]

Moral of the story is if you expose something to the internet, people are going to screw around with it.

Definitely. And if it has any known vulnerabilities, these will get exploited automatically.

Fascinating

[gweihir]

ChatAI as reflector and maybe amplifier. This tech is _broken_.

Is it a better vulnerability scanner?

[upuv]

Vulnerability scanning tools have been around for a few decades now. Whether they are home grown, opensource or commercial they have been in use non-stop.

I use them all the time. I have used them to protect systems. I've used it as a consultant to approach potential clients for uplift work. I've used them often to compare against other vulnerability scanner tools.

But is chat GPT better at it. I highly doubt it at this stage. My personal belief is that this sort of capability in a publicly accessible AI

Re:

[gweihir]

The thing is that ChatGPT acts as an isolator here. You are not allowed to do general vulnerability scans against a website without explicite, legally valid permission from the owner. (Port-scans are allowed. Looking at responses to _rgular_ requests is allowed. Sending things that can trigger exploits, like invalid requests, is a legally grey area and may be criminal depending on the details.) Hence doing so mau get you blacklisted in firewalls and RBLs and may have worse consequences. Doing this via ChatG

Re: Is it a better vulnerability scanner?

[retchdog]

Look, Sam Altman said AI was a threat to humanity and BY GOD IT IS GOING TO BE, even if we have to fake it for now (we are really good at that!).

Really, ever since his position became "AI is an existential threat to humanity and therefore the government should grant us a self-regulating monopoly to protect you from what we are doing! External regulators would be communism!", I figured he does not give much of a fuck about, uh, anything.

Re:

[gweihir]

Altman, like any large-scale scammer, cares about his pile of money. The only thing he desires and the thing he is willing to do anything to grow. Essentially just another fuckap failing at life.

Re:

[upuv]

Hence this is not about scan / attack quality, it is about getting a nice proxy in between for cheap.

This is a very good point.

Re:

[gweihir]

Thank you.