Comment by stavros
7 hours ago
My local tennis court's reservation website was broken and I couldn't cancel a reservation, and I asked GLM-5.1 if it can figure out the API. Five minutes later, I check and it had found a /cancel.php URL that accepted an ID but the ID wasn't exposed anywhere, so it found and was exploiting a blind SQL injection vulnerability to find my reservation ID.
Overeager, but I was really really impressed.
Yeah, it seems they did not align it too much, at least for now. Yesterday it helped me bypass the bot detection on a local marketplace that I wanted to scrape some listings from for my personal alerting system. All the others failed, but GLM-5.1 found a set of parameters and tweaks to make my browser in a container not be detected.
I always jump on the Chinese models when I'm trying to do something that the US ones chastise me for, they're a little more liberal, especially around copyright.
Model doing what the user wants with high quality is definitely aligned in my book.
It's too much in the direction of the paperclip maximizer for me. It should only hack sites when explicitly directed to, not as a default.
> Five minutes later, I check and it had found a /cancel.php URL that accepted an ID but the ID wasn't exposed anywhere, so it found and was exploiting a blind SQL injection vulnerability to find my reservation ID.
xkcd was prescient once again... https://xkcd.com/416/
Hell, this one time, my AI assistant hacked itself trying to book an appointment for me!
That is both amazing and terrifying.
This is insane, I love it.
Unfathomably based.