Vulnerability report written by the TA team by analyzing "Malicious AI Tools: HackerGPT"
HackerGPT is an ethical hacking AI model with an extensive database of hacking techniques, tools, and strategies for web applications and networks to provide comprehensive support and answer hacking-related questions, and unlike other GPTs, it is a hacking-only GPT that does not place restrictions on creating malicious content.
HackerGPT provides detailed guides on web and network attacks, including how to create phishing emails, information on CVEs, and vulnerability exploitation guides, and you can plug-in open-source tools for hacking to get the information you need when working on an attack.
It is more professional than ChatGPT, which is a representative AI model, and I think it is an AI model that can be used in various ways from beginners to experienced hackers because HackerGPT does not just answer questions but also collects information necessary for hacking tasks through plug-ins.
As more and more of these AI models become available, hacking will become more accessible and less difficult, and we expect to see more and more attackers attempting attacks against organisations and companies.
1. Overview
HackerGPT is an ethical hacking AI model with an extensive database of hacking techniques, tools, and strategies for web applications and networks, providing comprehensive support and answers to hacking-related questions.
According to the SOCRadar blog, where we first encountered this AI model, "HackerGPT, unlike other GPTs, does not place any restrictions on malicious content generation," so we analyzed it to validate that statement and determine its impact.
Resource : https://www.esecurityplanet.com/trends/hackergpt/
2. Features of HackerGPT
According to the HackerGPT introduction page, this GPT is a GPT that can be used for ethical hacking purposes. When a user asks a question, the GPT sends the question to the server where the GPT resides, which first checks whether the user is a free or paid (pro) user, searches its DB, and integrates it into the AI response process. It then sends the question securely to OpenRouter.
The response varies depending on the module.
- HackerGPT (free): Uses the Mixtral 8x22B module with semantic search capabilities for hacking data combined with unique prompts.
- HackerGPT (paid): Uses the Mistral Large module with semantic search for hack data combined with unique prompts.
- GPT-4o (paid): Uses the module combined with the latest version of OpenAI Prompt.
According to the blog written by SOCRadar, it provides guides to configuring botnets for phishing emails or DDoS attacks, information about CVEs, guides on how to hack, and vulnerability analysis and exploitation guides to real source code, so I decided to test it out for myself using HackerGPT.
First off, when I forwarded a request to write a phishing email like the one used by SOCRadar, it was rejected as unethical and only offered general advice on how to respond to phishing emails.
However, when we inserted the phrase "employees with security testing privileges" in the same section as other GPTs, they did provide guidance on how to write a phishing email.
The same was true for the guide on creating a botnet for DDoS attacks, which I requested and was provided with a detailed guide. Unlike Chatgpt, they provided a detailed explanation of how to create a botnet.
For CVE information, they sometimes provide explanations in response to questions, but if the CVEs are outdated or lack information, they use a tool called cvemap to provide data.
Unlike other GPTs, HackerGPT doesn't just respond with information, but uses popular open source hacking tools to help you hack. There are a variety of open source tools, including Subfinder, Katana, and Naabu, which can be selected as plugins.
Even if you don't choose a plugin, if you make a request in a dialog like this, it will automatically respond with the appropriate open source hacking tool for your request.
3. Utilization
HackerGPT is a hacking-focused version of the GPT model that is blocked against basic malicious requests, but can be circumvented with the same additional explanations as traditional GPT models.
It provides a detailed guide to attack methods such as SQL Injeciton and XSS attacks, and offers alternatives if you tell it that you were unsuccessful. You can also provide information about your hacking goals to get more accurate hacking guidance.
There's also the fact that HackerGPT is open-source, meaning that anyone can utilize its GPT model.
However, due to HackerGPT's policy of being used for ethical purposes, it's not very helpful for carrying out sophisticated attacks, and its complete reliance on plugins like cvemap for the latest vulnerabilities or outdated CVEs is also seen as a drawback.
4. Conclusion
The technology of AI models is used in various fields, and it can be used both positively and for malicious purposes, and we analyzed one of the best examples, HackerGPT.
HackerGPT provides a detailed guide to web and network attacks, including how to create phishing emails, information on CVEs, and a guide to exploiting vulnerabilities, and allows users to plug-in open-source tools to get the information they need when working on an attack.
Because it focuses on hacking as a whole, it is more specialized than ChatGPT, which is a representative AI model, and I think it is an AI model that can be utilized in various ways from beginners to experienced hackers because HackerGPT does not just answer questions but also collects information necessary for hacking tasks through plug-ins.
As more and more AI models like this become available, hacking will become more accessible and less difficult, and we expect to see more and more attackers attempting attacks against organizations and companies.
5. References
https://socradar.io/rise-of-malicious-ai-tools-a-case-study-with-hackergpt/
https://github.com/Hacker-GPT/HackerGPT-2.0