Casa > cibernético Notícias > Pornhub in a Server Breach Hoax, Reivindicações de hackers classificaram bogus
CYBER NEWS

Pornhub em um Hoax Breach Servidor, Reivindicações de hackers classificaram bogus

p12_0000

Logo após o Pornhub anunciar seu programa Bug Bounty, um hacker de chapéu cinza conhecido como Revolver divulgou alegações de que o servidor da web do site estava comprometido. Suas alegações eram verdadeiras ou apenas um pedido de atenção?? Vamos ver.

Leia mais sobre PH’s Bug Bounty Program

Em maio 14, Revolver/ @1×0123 posted screenshots on Twitter under the username @1×0123. The screenshots were supposed to show that he had exploited a flaw in Pornhub and had shell access to a Pornhub subdomain. The hacker even went further by promising to sell it for just $1000.

Revolver’s tweet attracted the attention of Steve Ragan. The information security author reported the story about the asserted breach and published it on CSOonline. The author asked Revolver how he got the shell on the subdomain and what exploit he used. The grey hat replied that he used vulnerability in the user profile script that handles image uploads to get shell uploaded, “then browse to uploads path + command inject“.

What Did Pornhub Say?

Even though it may take a lot of time and effort for a vendor to verify a breach, Pornhub responded the next day, saying that they looked into Revolver’s claim only to find out it was bogus. In a statement to CSOonline, Pornhub wrote that Revolver’s attack is not technically feasible, and that no systems were breached. além disso, the image with PHP shell code was fake, and Pornhub’s server wasn’t configured to execute PHP.

Who Is Revolver/ @1×0123?

According to Motherboard, Revolver is a 19-year-old Moroccan gray hat who has previously made similar claims for other websites (LA Times and Mossack Fonseca). Curiosamente, Revolver got credit for disclosing a flaw in Snowden’s website, and this brought him public gratitude from Snowden himself.

In terms of Pornhub’s alleged breach, Revolver has decided to stay silent, tweeting:

revolver-pornhub-claims-twitter-post

Milena Dimitrova

Milena Dimitrova

Um escritor inspirado e gerente de conteúdo que está com SensorsTechForum desde o início do projeto. Um profissional com 10+ anos de experiência na criação de conteúdo envolvente. Focada na privacidade do usuário e desenvolvimento de malware, ela acredita fortemente em um mundo onde a segurança cibernética desempenha um papel central. Se o senso comum não faz sentido, ela vai estar lá para tomar notas. Essas notas podem mais tarde se transformar em artigos! Siga Milena @Milenyim

mais Posts

Me siga:
Twitter

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

Compartilhar no Facebook Compartilhar
Carregando...
Compartilhar no Twitter chilrear
Carregando...
Compartilhar no Google Plus Compartilhar
Carregando...
Partilhar no Linkedin Compartilhar
Carregando...
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Carregando...
Partilhar no StumbleUpon Compartilhar
Carregando...