AI Prompt Engineering with a Missing CAPTCHA, and How CloudFront Fails to Filter Requests: Part II
Earlier, I wrote an article where I described how important CAPTCHA is. Without it, it is easy (in my case) to spam someone (the victim) by email and to load the Amazon DB with fake information. In this article, I want to show you how I developed that script using ChatGPT to save time. It’s no secret that CAPTCHA prevents this kind of activity from being automated. I decided to develop something out of interest to see if it was possible, and AI assisted me. I used ChatGPT to provide the expected answers.
So, let’s start. First, I asked how to develop a script for clicking on the fields First name, Last name, and Email using Python3. It provided me with some draft code, and I asked it to use the Selenium Python library. I carefully reviewed it and asked it to add a config parser for a config.ini file, where I can easily add or change the email address or target URL. Here is what to do: open the browser’s developer console, click and copy all relevant fields with “COPY element(s)”, and put them into the ChatGPT prompt.
I asked ChatGPT to print the first code. I used the System Prompt to generate the code. After that, I used Custom Instructions prompts. More about ChatGPT prompts can be found here.
By the way, System Prompts are extra instructions given to guide the behavior of the LLM. They are considered separate from the standard prompts, known as User Prompts, that are typically used with the LLM. As you can see, I tried to prevent the LLM from generating hallucinations by having it print N/A instead. I also employed System Prompts to give the LLM instructions that should be remembered and followed throughout the entire conversation. As a result, I received an optimised and clear output.
Then, after I verified that all fields were filled as needed, I created a new prompt to add randomly generated characters. For fun, I decided to generate 1,000 characters, and then 10,000. After that, I realised it was not funny. It was an additional BUG! So, I need to report it too.
An attacker can exploit this to carry out a Billing DDoS attack: sending a large number of emails to the victim increases the bill the client (in this case, Ericsson) pays for unnecessary emails.
As shown in the screenshot, a single interaction on the “Join Talent Network” page resulted in 1.8 MB of data being transferred. This includes multiple GET and POST requests, along with other resources. An attacker could automate this process, causing significant data transfer and server load, ultimately increasing costs for the company.
Then ChatGPT guided me with instructions such as pip install for requests, selenium, fake, and other relevant libraries. It is easy to install all dependencies. If an error occurs, I can easily copy and paste the terminal output into the AI prompt. Also, I control the script output and clearly understand what I can expect. If something is not working, I ask the AI to print out some functions for more clues about what is broken, for example, whether I provided the wrong XPath.
It was fun and quite easy to develop a working script. In summary, I spent 8 hours developing it as expected, even without deep knowledge of Python or related technologies.
Conclusion: It is so easy to develop a script and use it for illegal purposes. I hope businesses can implement the best security practices and improve their service.
Ericsson has been notified about this problem, and the ball is in their court. According to their email to me, all is fine for their business. However, as of this date, the form still allows an attacker to exploit these vulnerabilities. :(
P.S. By the way, people say that 80% of AI-generated code is vulnerable. But in this article, I show that it doesn’t matter, because the script spams and performs a Billing DDoS attack whether its own code is vulnerable or not. We need to tackle this the way we tackle automatic form filling, and for that there has long been a solution called CAPTCHA.
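The two gaps described above (fields that accept 10,000 characters, and unlimited submissions that each trigger an email) can also be closed on the server side, alongside a CAPTCHA. The following is an added example, not code from the original article or from the affected site: the class name SignupGuard, the field keys and all limits are assumptions chosen for illustration.

```python
import time
from collections import defaultdict, deque

# Assumed limits for illustration; tune to the real form and mail budget.
MAX_LEN = {"first_name": 64, "last_name": 64, "email": 254}
WINDOW_SECONDS = 3600
MAX_PER_EMAIL = 1   # confirmation mails per recipient per window
MAX_PER_CLIENT = 5  # accepted submissions per client IP per window


class SignupGuard:
    """Server-side gate to run before any DB write or outbound email."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        # In-memory store for the demo; a real deployment needs a shared store with expiry.
        self._hits = defaultdict(deque)  # key -> timestamps of accepted requests

    def _over_limit(self, key, limit):
        now = self._clock()
        q = self._hits[key]
        while q and now - q[0] >= WINDOW_SECONDS:
            q.popleft()  # drop hits that fell out of the sliding window
        return len(q) >= limit

    def check(self, client_ip, form):
        """Return (accepted, reason); only accepted requests count against limits."""
        for field, cap in MAX_LEN.items():
            value = form.get(field, "")
            if not isinstance(value, str) or not value.strip():
                return False, f"{field}: missing"
            if len(value) > cap:
                return False, f"{field}: too long"
        email = form["email"].strip().lower()
        if email.count("@") != 1 or email.startswith("@") or email.endswith("@"):
            return False, "email: malformed"
        keys = [(("email", email), MAX_PER_EMAIL), (("ip", client_ip), MAX_PER_CLIENT)]
        for key, limit in keys:
            if self._over_limit(key, limit):
                return False, f"rate limit: {key[0]}"
        now = self._clock()
        for key, _ in keys:
            self._hits[key].append(now)
        return True, "ok"
```

Keying one limit on the recipient address protects the victim's inbox even when requests arrive from many client IPs, while the per-IP limit bounds the data transfer and mail cost a single client can generate.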