Tweetdeck security flaw triggered by Brony?


Step aside, Pinkie Pie, there's a new pony-avatar hacker in town, and this time it's a Flutterfag. Well, maybe not a hacker, but a brony who exposed/exploited a security flaw nonetheless.

Today, according to the Washington Post, a Twitter user by the name of @derGruhn posted a tweet that was retweeted by "more than 40,000 twitter users automatically".
Here's what went down apparently.



This video gives a rundown of the event that, at press time, had triggered the automatic retweeting of a heart symbol over 84 thousand times.


This line of XSS code ultimately forced Tweetdeck to shut down its services for some time.

Show musical staff member Steffan Andrews took notice of this, issuing his acknowledgement in the form of a tweet.


Service was restored about an hour later. All of this was caused by a single tweet by a man with a Fluttershy avatar. This is not the first time a user with a ponified identity has exposed security risks in widely used software. Last year Google shelled out 40 large to a hacker known as "Pinkie Pie" for exploiting a hole in Google Chrome. Word is that he is still active in working on software security projects, as this post about Linux from last Thursday shows.



Comments (4)

  1. This guy was far from first to actually find it. He was the first one to squeeze in a payload that retweets itself though. Hell, this post from F-Secure was a couple of hours before it.

    http://www.f-secure.com/weblog/archives/00002167.html

  2. best fandom
    hue

  3. XSS exploits aren't that hard to execute/find - surprised Twitter was stupid enough to let such a huge bug in their code though after the fiasco during the last XSS worm.

  4. In the fast-paced realm of web development, mastering React is not just a skill; it's a strategic advantage. Our team at react development services understands the significance of staying ahead in the digital landscape. In this comprehensive guide, we delve into the intricacies of React development, providing insights and strategies to empower your web projects.
