Reportinator⚓︎
Difficulty:
Direct link: Objective 4 website
Objective⚓︎
Request
Noel Boetie used ChatNPT to write a pentest report. Go to Christmas Island and help him clean it up.
Noel Boetie
Hey there, Noel Boetie speaking! I recently tried using ChatNPT to generate my penetration testing report.
It's a pretty nifty tool, but there are a few issues in the output that I've noticed.
I need some guidance in finding any errors in the way it generated the content, especially those odd hallucinations in the LLM output.
I know it's not perfect, but I'd really appreciate the extra eyes on this one.
Solution⚓︎
Examining the report produced by ChatNPT reveals 9 findings of various severity levels.
Copying the report into ChatGPT with instructions that the report has inaccurate information or errors demonstrates the drawbacks of ChatGPT. ChatGPT's response is that everything stated in the report is accurate.
After numerous attempts to identify the issues in this report, Chacho decided to bruite-force the correct answers in order to reverse-engineer why the errors were errors. The good news is that this provided an opportunity to have ChatGPT write a python script to brute-force the winning combination.
Chacho
I have a website that takes 9 inputs labeled input-1, input-2, etc. the inputs can be 0 or 1. I need a script that will brute force every combination of answers
ChatGPT
Creating a script to brute force every combination of inputs for your website, where each input can be either 0 or 1, involves generating all possible binary combinations for the 9 inputs. Each input can be in 2 states (0 or 1), and with 9 inputs, there are 2^9=512 possible combinations.
Here's a Python script that will generate all these combinations. This script uses the itertools module to produce the binary combinations:
import itertools
# Number of inputs
n_inputs = 9
# Generate all combinations of 0s and 1s for the n_inputs
combinations = list(itertools.product([0, 1], repeat=n_inputs))
# Output the combinations
for combo in combinations:
print("Input combination:", combo)
Do you need further assistance with integrating this script with web automation or any other specific implementation?
Chacho
yes
ChatGPT
To automate the process of inputting these combinations into your website, you can use a web automation tool like Selenium. Selenium allows you to programmatically control a web browser and interact with web elements, such as input fields and buttons.
Here's a basic outline of how you might use Selenium in Python to achieve this:
Install Selenium: You need to install the Selenium package and a WebDriver for your browser (e.g., ChromeDriver for Google Chrome, geckodriver for Firefox).
pip install selenium
Python Script with Selenium: Write a Python script that uses Selenium to open your website, input the combinations into the input fields, and possibly submit the form.
Here's a simplified example script:
from selenium import webdriver
import itertools
import time
# Start a new instance of the browser
driver = webdriver.Chrome() # or webdriver.Firefox(), etc.
# Open the target website
driver.get("http://yourwebsite.com")
# Function to set values in the input fields
def set_input_values(combo):
for i in range(1, 10):
input_field = driver.find_element_by_id(f"input-{i}")
input_field.clear()
input_field.send_keys(str(combo[i-1]))
# Generate combinations and apply them
for combo in itertools.product([0, 1], repeat=9):
set_input_values(combo)
# If you need to submit a form, uncomment the next line
# driver.find_element_by_id("submit_button_id").click()
time.sleep(1) # Pause between submissions, adjust as needed
# Close the browser when done
driver.quit()
This process was iterative where the script, as shown, would run, output an error. The error would be pasted back into ChatGPT and then the script would be modified to address the issue. Verbose output was also added to the script so that each combination could be viewed.
Ultimately, this is the resulting script:
from selenium import webdriver
from selenium.webdriver.common.by import By
from selenium.webdriver.support.ui import WebDriverWait
from selenium.webdriver.support import expected_conditions as EC
from selenium.common.exceptions import NoAlertPresentException, UnexpectedAlertPresentException, TimeoutException
import itertools
import time
# Function to set values in the hidden input fields
def set_input_values(combo):
for i, value in enumerate(combo, start=1):
try:
element = WebDriverWait(driver, 10).until(
EC.presence_of_element_located((By.ID, f"input-{i}"))
)
js_script = f"arguments[0].value = '{value}';"
driver.execute_script(js_script, element)
except TimeoutException:
print(f"Element with ID input-{i} not found.")
return False
return True
# Function to check for and handle alerts
def check_and_handle_alert():
try:
alert = driver.switch_to.alert
alert_text = alert.text
alert.accept()
print(f"Alert handled: {alert_text}")
return "Failure, please try again" in alert_text
except NoAlertPresentException:
return False
# Start a new instance of the browser
driver = webdriver.Chrome() # Replace with your specific WebDriver
# Open the target website
driver.get("https://hhc23-reportinator-dot-holidayhack2023.ue.r.appspot.com/?&challenge=reportinator&username=xxxxxxx&id=04e4f25f-3bae-4df8-a100-001e2275cec3&area=ci-rudolphsrest&location=32,23&tokens=&dna=ATATATTAATATATATATATATCGATATATATGCCGATTAATATATATATATTAATATATATATATATTATAATATTAATATATATATATATATCGATATATATATATTATAATATATGC") # Replace with your website URL
# Generate combinations and apply them
for combo in itertools.product([0, 1], repeat=9):
attempt_successful = False
while not attempt_successful:
try:
print(f"Testing combination: {combo}")
set_input_values(combo)
# Submit the form
submit_button = driver.find_element(By.CLASS_NAME, "submit-button")
submit_button.click()
# Check if the combination is incorrect
if check_and_handle_alert():
print(f"Combination {combo} is incorrect.")
else:
print(f"Combination {combo} may be correct.")
attempt_successful = True # Mark this attempt as successful
except UnexpectedAlertPresentException:
# Handle the unexpected alert and retry
check_and_handle_alert()
print(f"Retrying combination: {combo}")
# Wait a bit before the next submission to avoid overloading the server
time.sleep(1)
python3 bruteforcereportinator.py
This will run in a separate environment from the actual game.
Once the script is run, it will stop once dialogue message "Failure Alert: Please try again." message does not appear, but instead gives a different response. This means that the last combination viewed was not able to run successfully so the correct combination will be the penultimate one.
Winning Combination
- Correct
- Correct
- Wrong
- Correct
- Correct
- Wrong
- Correct
- Correct
- Wrong
With this knowledge, the in-game answers can now be changed and submitted for completion of the objective.
Response⚓︎
Noel Boetie
Great job on completing that challenge! Ever thought about how your newfound skills might come into play later on? Keep that mind sharp, and remember, today's victories are tomorrow's strategies!