« Should the W3c nofollow
WordPress 2.2.1 »

Youtube Give Users FTP Details away

if you search Google for this query site:youtube.com “clicks from ftp @” you can see all the ftp Details:

Hat Tip to : http://websecurity.com.ua/category/moseb/

If these kinda of things worry you you should read in this order :

http://ha.ckers.org/
Jeremiah grossman
Ronald

warning this stuff may scare you a little.

DaveN
In a Pissy mood today, no likes brute force

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • Sphinn
  • Live
  • StumbleUpon

9 Comments | Leave a comment »

  1. 1. gimpy | June 21st 2007 @ 11:02 am

    This is why I use different passwords all over the place. You never know who is going to fuck up and give yours out.

    I have different types for different situations based on my assessment of risk and how much I care for something. When I use my name as the password, you can be sure it is low on my list.

  2. 2. Rob Haswell | June 21st 2007 @ 11:39 am

    It’s true, which is good because all I have to do is work out how risky something is and I know which of gimpy’s passwords to use. Works a charm.

  3. 3. gimpy | June 21st 2007 @ 2:33 pm

    there are some that not even you know Rob, but with root access it don’t mean plop!

  4. 4. kuza55 | June 22nd 2007 @ 12:34 am

    Just wanted to point out, that while I can’t access the MOSEB site I can’t see what MustLive said about it, but the issue was originally reported by Lyecdevf here: http://www.w4ck1ng.com/board/showthread.php/new-youtube-exploit-ftp-5521.ht

  5. 5. kuza55 | June 22nd 2007 @ 12:38 am

    Actually, I just realised that Lyecdevf (probably) found it from a video himself, http://www.youtube.com/watch?v=Bz7Tfjns7ZM

    My mistake…..

  6. 6. chris | June 22nd 2007 @ 9:13 am

    omg what a fucking mess!!! I’ve tried some of the FTP’s on the first few pages. And indeed: some of the ftp’s already have tags and other garbage :)

  7. 7. anop | June 22nd 2007 @ 10:47 am

    which crazy browser is sending login credentials in the referer?! I sure as hell hope that isnt firefox.

  8. 8. A YouTube Bug Outs its Users’ FTP | June 22nd 2007 @ 2:32 pm

    […] [via DAVEN] Read More: Bugs, Google, HackingShare This […]

  9. 9. Forrest | November 18th 2007 @ 7:04 am

    Gimpy - strange nick - is absolutely right … it’s a good point. Sort of like how you give a man a fish, and all that: if you use the same password everywhere and it’s compromised, you’re SOL, but if every site has a different password, as horrible as that is to keep track of, it’s what everyone needs to do. Because there’ll always be some boneheaded company around to release everyone’s password to the public. Or an old lady’s search records. Or …

Leave a Reply

required

required, hidden

one.com
smx

Start with £50 credit in your new Yahoo! Search Marketing account for a limited period only.

+ Advertise Here