Egor Homakov easily hacks GitHub: a topic for you .. The fun side of not having security.
* GitHub and Rails: You have let us all down. : on chrisacky.posterous.com : http://chrisacky.posterous.com/github-you-have-let-us-all-down
QUOTE:
'Every GitHub repository was vulnerable to attack and absolutely nothing was safe.'
* How GitHub was hacked : homakov.blogspot.com : http://homakov.blogspot.com/2012/03/how-to.html#
QUOTE:
'How-To'
'after that procedure your victim got your public key. Enjoy your pushing '
* "Egor, stop hacking GH" : http://homakov.blogspot.com/2012/03/egor-stop-hacking-gh.html
QUOTE:
'I'm not done yet. Why I do this? Since guys in rails issues ignored me and my issue I got spare time to test it on the first website I had in mind. github.
That was pretty funny. Firstly, I could write post from 1234 year or 4321.
Then, I could make a post pretending I am DHH. That was funny too.
Then I could wipe any post in any project. That wasn't that funny but pretty dangerous. It got more curious.
Today I can pull/commit/push in any repository on github. Jack pot.
I will write big post regards this topic - examples(not only github is vulnerable this way - I found a lots of rails apps that are waiting for my hack! Yeah, it is only start). stay tuned.
P.S. GH sorry, I was bored.'
* GitHub and Rails: wow how come I commit in master? : https://github.com/rails/rails/commit/b83965785db1eec019edf1fc272b1aa393e6dc57
QUOTE:
'Nice catch haha!'
* Did GitHub Suspend Egor Homakov account? : i'm disappoint, github : http://homakov.blogspot.com/2012/03/im-disappoint-github.html
QUOTE:
'Yes I behaved like a jerk. But why you suspended my account? Oh yea, Terms.
But, let's get it real. It is not the way you were supposed to fix things.
I, dammit, LOVE YOU : http://homakov.blogspot.com/2011/07/octocat-tattoo.html
.....................................................