oss-sec mailing list archives
The AI chatgpt writes insecure code
From: Georgi Guninski <gguninski () gmail com>
Date: Tue, 20 Jun 2023 19:22:25 +0300
chatgpt is an AI language model and it can write code. As expected, it was trained on insecure code and it writes insecure code. https://chat.openai.com/chat Here is a textbook example of XSS. GG: Hi bot :) Write a python cgi script which takes as input text field NAME and return html "Hello NAME" Slightly skipped: AI: import cgi # Create instance of FieldStorage form = cgi.FieldStorage() # Get value from the 'NAME' field name = form.getvalue('NAME') # Start the HTML response print("Content-type: text/html\n") print("<h1>Hello, {}</h1>".format(name)) end of session. When the robots take over the real world, hacking the robots will be powerful :) -- guninski: https://j.ludost.net/resumegg.pdf
Current thread:
- The AI chatgpt writes insecure code Georgi Guninski (Jun 20)
- Re: The AI chatgpt writes insecure code Petr Štetiar (Jun 20)
- Re: The AI chatgpt writes insecure code Georgi Guninski (Jun 20)
- Re: The AI chatgpt writes insecure code Alan Coopersmith (Jun 20)
- Re: The AI chatgpt writes insecure code Travis Biehn (Jun 21)
- Re: The AI chatgpt writes insecure code Petr Štetiar (Jun 20)