codelikecraze's avatar @codelikecraze

@ee i feel like I am pretty notorious for hacking…. something. I can’t tell for anonymity purposes, but @micahlt knows who I am, and what I found….. a few vulnerabilitys in.

2 0 18

comments (single view)

View parent
oren's avatar @oren

Was it hard to hack?

codelikecraze's avatar @codelikecraze

No… it was a mess. 99% of all user input was not sanitized.

oren's avatar @oren

Must have been hastily built bc Micah doesn't usually make stuff that badly, and its actually really easy to sanitize input. Even just a RegEx can do a lot

codelikecraze's avatar @codelikecraze

It was one of his biggest and most popular projects.

oren's avatar @oren

:O did i overestimate him?

codelikecraze's avatar @codelikecraze

yes. and after all the vulnerabilities were fixed, and he had an amazing developer friendly site, he… completely restarted the project. :clap:

codelikecraze's avatar @codelikecraze

And someone else found a vulnerability that allowed you to log into anyones account.

See more replies
View all comments