Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
bflesch a day ago

Ego, curiosity, potential bug bounty & this was a low hanging fruit: I was just watching API request in Devtools while using ChatGPT. It took 10 minutes to spot it, and a week of trying to reach a human being. Iterating on the proof-of-concept code to increase potency is also a nice hobby.

These kinds of vulnerabilities give you good idea if there could be more to find, and if their bug bounty program actually is worth interacting with.

With this code smell I'm confident there's much more to find, and for a Microsoft company they're apparently not leveraging any of their security experts to monitor their traffic.

orf a day ago | parent [-]

Make it reflective, reflect it back onto an OpenAI API route.

asah 21 hours ago | parent | next [-]

Lol but actually this is a good way to escalate priority. Better yet, point it at various Microsoft sites that aren't provisioned to handle the traffic and let them internally escalate.

shakna 4 hours ago | parent [-]

In my experience, that'd turn into a list of exceptions, rather than actually fixing the problem.

bflesch 10 hours ago | parent | prev [-]

I'm not a malicious actor and wouldn't want to interrupt their business, so that's a no-go.

On a technical level, the crawler followed HTTP redirects and had no per-domain rate limiting, so it might have been possible. Now the API seems to have been deactivated.