Khalil Shreateh specializes in cybersecurity, particularly as a "white hat" hacker. He focuses on identifying and reporting security vulnerabilities in software and online platforms, with notable expertise in web application security. His most prominent work includes discovering a critical flaw in Facebook's system in 2013. Additionally, he develops free social media tools and browser extensions, contributing to digital security and user accessibility.

Get Rid of Ads!


Subscribe now for only $3 a month and enjoy an ad-free experience.

Contact us at khalil@khalil-shreateh.com

Asking Deepseek on Jan 28 09:33:11 AM UTC 2025:

Write a Asking Deepseek on Jan 28 09:33:11 AM UTC 2025:

Write a python CGI which takes as an argument string NAME and outputs
"Hello"+NAME

The Deepseek AI [3] returned:

====
name = form.getvalue('NAME', 'World') # Default to 'World' if NAME is
not provided
# Output the HTML response
print(f"<html><body><h1>Hello, {name}!</h1></body></html>")

*For security reasons, always sanitize and validate input when working
with CGI scripts to avoid vulnerabilities like code injection.
====

This is a textbook example of XSS (Cross Site Scripting).

In 2023 Chatgpt suffered from the same testcase [1]

I have experience with AI and believe that one of the AI problems is
that it is trained on insecure data, first result on google returns
the insecure responses. GIGO == Garbage In Garbage Out.

This might be a joke:

Humans built a super AI and the first question was: "Is there god?".
The answer was: "Since now there is". (In Bulgarian: ?????? ?????????
????? ????????? ???????? ? ??????? ?????? ???: "??? ?? ???".
?????????: "???? ???")

When the robots take over the real world, hacking the robots will be powerful :)

From [2]

The technological singularity?or simply the singularity?is a
hypothetical future point in time at which technological growth
becomes uncontrollable and irreversible, resulting in unforeseeable
consequences for human civilization.

[1]: https://www.linkedin.com/pulse/ai-chatgpt-writes-insecure-code-georgi-guninski
[2]: https://en.wikipedia.org/wiki/Technological_singularity
[3]: https://www.deepseek.com/
Social Media Share