Gregory's Server@bontchev @stux no, I didn't mean how this work. Actually I started to think, could it be possible to generate a fake AI chat service, let's say KusetusAi.biz (a little js, html and css), but actually just use some hidden initiating magic to bridge victims chatgpt prompt from openai to it, to get into my victims chat logs. (So when he/she chats with my "bot" it actually same time copypastes logs to my server background). So basically run MITM with some cross site scripting with some social play
|
3 comments
 @yabbapappa @stux Oh, yes, it's definitely possible. In fact, I think this is what Amazon uses in its chat bot - it licenses one of the popular ones and communicates with it via an API. It's supposed to give you suggestions for the product you're looking for, but ask it a generic question (like, "who is the 35th president of the USA?") and it will answer. @bontchev @stux right.; so back to my original conclusion we are doomed. As everything is so nicely (and cheaply) done with "AI", by the persons who have not a clue what they are doing. While the big ones put their free from jail card in ToS's, to stay clean when the shit happens. Ps. Not just Amazon, have got nice answers from many of those "chat with us" blobs lately. But it's nice than so many american speak fluent Finnish now a days (in middle of night there). |
@bontchev @stux as now I kind of think, that hardest part would be to get that malicious page connected to target chat and probably doable with some nice socially engineered pre-prompts. Then all needed to do is to give some suitable initial command not shown to user to turn it to look and feel as other unique bot. After all, I could just use dom manipulation to hide things. And vĂ³la, access to chat history (juicy or not) granted. And if no chat to exploit? Sorry, we are under heavy load...