Egor Homakov hacks easily GitHub

Discussion in 'Other Security Related Discussions' started by Prorootect, Mar 5, 2012.

  1. Prorootect

    Egor Homakov hacks easily GitHub topic for you .. Fun side of not having the Security.

    * GitHub and Rails: You have let us all down. : on chrisacky.posterous.com : http://chrisacky.posterous.com/github-you-have-let-us-all-down

    QUOTE:
    'Every GitHub repository was vulnerable to attack and absolutely nothing was safe.'

    * How GitHub was hacked : homakov.blogspot.com : http://homakov.blogspot.com/2012/03/how-to.html#

    QUOTE:
    'How-To'
    'after that procedure your victim got your public key. Enjoy your pushing '

    * "Egor, stop hacking GH" : http://homakov.blogspot.com/2012/03/egor-stop-hacking-gh.html

    QUOTE:
    'I'm not done yet. Why I do this? Since guys in rails issues ignored me and my issue I got spare time to test it on the first website I had in mind. github.
    That was pretty funny. Firstly, I could write post from 1234 year or 4321.
    Then, I could make a post pretending I am DHH. That was funny too.

    Then I could wipe any post in any project. That wasn't that funny but pretty dangerous. It got more curious.
    Today I can pull/commit/push in any repository on github. Jack pot.

    I will write big post regards this topic - examples(not only github is vulnerable this way - I found a lots of rails apps that are waiting for my hack! Yeah, it is only start). stay tuned.
    P.S. GH sorry, I was bored.'

    * GitHub and Rails: wow how come I commit in master? : https://github.com/rails/rails/commit/b83965785db1eec019edf1fc272b1aa393e6dc57

    QUOTE:
    'Nice catch haha!'

    * Did GitHub Suspend Egor Homakov account? : i'm disappoint, github : http://homakov.blogspot.com/2012/03/im-disappoint-github.html

    QUOTE:
    'Yes I behaved like a jerk. But why you suspended my account? Oh yea, Terms.
    But, let's get it real. It is not the way you were supposed to fix things.

    I, dammit, LOVE YOU : http://homakov.blogspot.com/2011/07/octocat-tattoo.html

  2. Prorootect

    How Homakov hacked GitHub and the line of code that could have prevented it : https://gist.github.com/1978249

    QUOTE:
    '@homakov’s exploit on GitHub was simple and straightforward. Calling it an attack makes it sound malicious whereas the truth was that GitHub bolted its front door but left the hinges on quick release. Homakov released the hinges, walked in and shouted to anyone who would listen that they had a problem.

    He was right. The Rails defaults are vulnerable and there’s no better illustration of this than when one of the best Rails teams in the world is severely compromised.' ..

MalwareTips.com is an independent website. All trademarks mentioned on this page are the property of their respective owners.