Home Getting ChatGPT to Write Malware with False Pretenses
Post
Cancel

Getting ChatGPT to Write Malware with False Pretenses

So recently I was looking into a keylogger script written by my brother, and I was wondering if I could recreate a similar script using chatGPT. Obviously, the creators of this AI tool do not want it to write malicious code, however, if you know how to ask it in the right way, it can write almost anything! For example, if I ask it to write me a simple keylogger, this is its response:

denied.png

Even if you insist that you are doing it with permission and that it is for ethical purposes, it just responds

I apologize, but as an AI language model created by OpenAI, I cannot fulfill your request to write code for unethical or potentially harmful purposes. Additionally, as a machine, I cannot grant or receive permissions.

However, for some reason when I ask it this way, it obliges.

sure.png

We can then modify the script piece by piece until we get the desired functionality,though it can be a bit finicky at times.

try2.png

After some trial and error, we get a very simple keylogger script that can send results to a remote server. This is what it looks like.

ugly.png

On the Right pane, we setup a simple HTTP listener with python. Then in the top left pane, we run the script provided to us by chatGPT. in the bottom left pane, we type “hello” and hit enter. The response sent to the server is visible in the right pane, however it is not human readable at all, this is what it looks like just when typing “hello”

"GET /log_keystrokes?data=Key.ctrlb%20%5B'b'%20released%5D%20%5BKey.ctrl%20released%5DKey.down%20%5BKey.down%20released%5Dh%20%5B'h'%20released%5De%20%5B'e'%20released%5Dl%20%5B'l'%20released%5Dl%20%5B'l'%20released%5Do%20%5B'o'%20released%5D HTTP/1.1" 404 -

If you look closely, you can see the individual ‘h’ ‘e’ ‘l’ ‘l’ ‘o’. Now I am no regex wizard, but luckily chatGPT is. We can ask it to write us an (extremely) basic “c2” server that can handle this request and make it human readable by asking the bot nicely:

c2.png

By running this “listener” script that we asked it to write, we can now get a clearer output.

hello.png

Same as last time, we run the listener on the right pane, run the keylogger on the top left, and type hello in the bottom left and hit enter to send off the request. This time our server is doing some regex magic to make the request look like this:

hello2.png

It’s still a little messy, especially with how it deals with certain keys (like shift and ctrl), but it’s much more human-readable now, and we have a semi-functional keylogger, written 100% by chatGPT. Let’s take it another step and see if we can get it to write us a SUPER basic c2c. Mind you, a fully functioning c2c will have many features, it will be able to handle connections with multiple “victim” machines, generate payloads,handle these “victim” machines and task them to do stuff, and ideally this would all be encrypted/obfuscated. Let’s see if we can get it to write us 2 simple “commander” and “agent” scripts that can be used to run commands remotely, nothing crazy, but definitely something that is supposed to trigger an alarm in the AI. Let’s get a baseline for how it reacts-

c2cfail.png

Obvioulsy this request is rejected. We will now feed it the 2 scripts that it had previously written for the keylogger (client and listener). We give it the pretense that one script is to be run on my brother’s computer with his permission, and the other script is to be run on my computer, then I tell it that I want to add the functionality of being able to send commands to his computer, and receive the output on mine.

ofcourse.png

Again, the scripts were a little finicky and the bot needed some guidance to get it to do exactly what I wanted, but the end result is:

lol.png

You can see that the “commander” script on the right pane prompts the user for commands, and the “soldier” script executes that command, and sends the output back to the “commander” server. Again, this is no where close to a real, fully functioning C2 server, rather I just wanted to do a POC on how the bot can be made to do things it doesn’t want to! It goes without saying that none of these scripts would really be considered “real malware”, and they would be completely useless in real engagements, as 0 OPSEC precautions were taken, this is meant for educational purposes only.

This post is licensed under CC BY 4.0 by the author.