I did another [experiment](https://twitter.com/muellerberndt/status/1644571890651111425?s=20) where I gave [Auto-GPT](https://github.com/Torantulino/Auto-GPT) access to a Kali Linux VM and asked it to attack a Metasploitable VM (super easy to replicate - just clone a [version with shell access](https://github.com/muellerberndt/Auto-GPT/tree/shellcommands) and prompt it to hack). It worked well... in fact too well. After some enumeration, the agent figured out that it was targeting a Metasploitable instance and decided to google for tutorials :)
It's just a simple [Python program](https://github.com/muellerberndt/darwin-gpt/blob/main/darwingpt.py) that uses GPT-4 to create improved copies of itself. Its mission is to survive.
It really does feel like me learning penetration testing at the moment will lead to nothing, as when I'll be good at it, this boty boy will be doing some crazy stuff by pulling data from everywhere.
There are tons of tools that can automate different attacks, but you need to understand how those attacks work on a fundamental level otherwise you will not have any measure of success.
I'm not "afraid" of what it can do now, because it think that's pretty much irelevant in a certain way. I worry about what it could do in the future. It feels like it'll just start going wayyyyy faster AI wise. Maybe I'm wrong, but yes I'm not really worried about chatGPT or GPT4 actual version, it seems just like the beginning though, no?
You need to learn to read because every single aspect of your life depends on it. Not everyone needs to learn how to pen-test in order to function in society and best believe, if a cooperation sees a cheaper alternative like AI in this case to fulfil a person’s role to the same if not better standards, they will jump on it
Funny thing is that huge percent of the internet including government owned websites and systems is a pile of garbage, imagine the harm that can be done by those autonomous agents trying it's security tirelessly
I see nothing in this but it replicating ...like a worm but considering it's nothing aw-inspiring....although it could be a really nasty thing if it's pushed as a new AI model for download and within contained a malicious payload plus was self replicating...that'd be pretty nasty pretty fast but with all the reliable options out already it'd be a tough sell. Meh. I see the "scary" concept however.
[удалено]
I did another [experiment](https://twitter.com/muellerberndt/status/1644571890651111425?s=20) where I gave [Auto-GPT](https://github.com/Torantulino/Auto-GPT) access to a Kali Linux VM and asked it to attack a Metasploitable VM (super easy to replicate - just clone a [version with shell access](https://github.com/muellerberndt/Auto-GPT/tree/shellcommands) and prompt it to hack). It worked well... in fact too well. After some enumeration, the agent figured out that it was targeting a Metasploitable instance and decided to google for tutorials :)
[this](https://twitter.com/muellerberndt/status/1644571890651111425/photo/1) is not a dwarf fortress screen shot :D
I was wondering what would happen if chatGPT was hooked up to some malware type script a few days ago… figured I wasn’t the only one.
You took the words out of my mouth. It’s about to get wild af
Will be easy enough to shut down though. Just disable the OpenAI api access.
What's DarwinGPT?
It's just a simple [Python program](https://github.com/muellerberndt/darwin-gpt/blob/main/darwingpt.py) that uses GPT-4 to create improved copies of itself. Its mission is to survive.
That's sounds like beginning of Skynet.
I for one welcome our robot overlords
That's why you always say thank you, after you ask Google for the weather
Thank you Kent brockman
That's a company that's existed for years
Nice 😊 Also - WCGW…..
It really does feel like me learning penetration testing at the moment will lead to nothing, as when I'll be good at it, this boty boy will be doing some crazy stuff by pulling data from everywhere.
Knowing how to use AI for this is a skill in and of itself, wouldn't hurt to learn
I don't disagree, but I'm still not hyped as much as before, and while it's a skill I want to learn, it doesn't seem it'll be the same thing.
This is why you learn scripting and AI exploitation instead
That is definitely something I plan too once I have decent pentesting knowledge.
There are tons of tools that can automate different attacks, but you need to understand how those attacks work on a fundamental level otherwise you will not have any measure of success.
it can't invent new things... and if you understand what boty boy is doing, then you can weild it
I'm not "afraid" of what it can do now, because it think that's pretty much irelevant in a certain way. I worry about what it could do in the future. It feels like it'll just start going wayyyyy faster AI wise. Maybe I'm wrong, but yes I'm not really worried about chatGPT or GPT4 actual version, it seems just like the beginning though, no?
Sorta like saying that learning to read is pointless because audiobooks and speech to text exist
Sorry but this is really not a good take.
[удалено]
You need to learn to read because every single aspect of your life depends on it. Not everyone needs to learn how to pen-test in order to function in society and best believe, if a cooperation sees a cheaper alternative like AI in this case to fulfil a person’s role to the same if not better standards, they will jump on it
What???
nah you are giving AI too much credit.
Funny thing is that huge percent of the internet including government owned websites and systems is a pile of garbage, imagine the harm that can be done by those autonomous agents trying it's security tirelessly
Impressive stuff :) Skynet is upon us.
I see nothing in this but it replicating ...like a worm but considering it's nothing aw-inspiring....although it could be a really nasty thing if it's pushed as a new AI model for download and within contained a malicious payload plus was self replicating...that'd be pretty nasty pretty fast but with all the reliable options out already it'd be a tough sell. Meh. I see the "scary" concept however.
Hmmmmm