Home Unlabelled Twitter.com Hacked Via Text Load Injection by ./BL4CK E4GL3

Twitter.com Hacked Via Text Load Injection by ./BL4CK E4GL3

By
Saturday, March 08, 2014
Read
Add Comment


I found this around 2 AM last night, and it's quite suprising that twitter.com is vulnerable for Text Load Injection . Text load injection is where you're are allowed to inject text from ixData that is an indextable data type. So it will displays message as follow,


{"request":"\/i\/promoted_content\/log.json?BL4CK_E4GL3_W4S_H3RE",
"error":"Invalid event parameter provided."}
 
We will get that message by visiting the following link:
 https://twitter.com/i/promoted_content/log.json?BL4CK_E4GL3_W4S_H3RE  
 
I tried to sumbit it on Defacement Mirror like Zone-H, but I can't 
because someone already sumbitted Twitter.com to that mirror, and it was 
a FAKE defacement. WTF?
 
 
 
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us