Hacker Read

octoberfranklin · 2022-03-04 20:08:07

I have been seeing this weekly the past few months.

People have found a vulnerability and learned how to hack it.

waihtis | karma 2189 | avg karma 2.14 · | 2020-09-19 18:36:00

Exploits for this have been floating on Github for at least a week already. The vulnerability game has become pretty fast paced nowerdays..

EricR23 | karma 235 | avg karma 4.43 · | 2012-05-04 02:37:12+00:00

To my knowledge, this vulnerability is anything but new. It's been around for years.

Simon_M | karma 332 | avg karma 11.86 · | 2011-06-21 05:07:35

I wonder if they are using the same (undocumented) exploit for each of these attacks.

I am certainly no expert in this field, but I would have thought discovering new exploits and security holes would take time, yet these guys are hitting several major sites a week.

reply

MagicMoonlight | karma 1334 | avg karma 1.8 · | 2023-03-23 14:00:23

When we were first breaking it people were wondering if the developers were sitting in threads looking for new exploits to block.

Now I’m wondering if the system has been modifying itself to fix exploits…

reply

jtchang | karma 5696 | avg karma 5.02 · | 2015-06-27 07:01:08+00:00

It is kind of scary how good the attackers are getting at exploiting code.

It must take a considerable amount of work to get proficient in analyzing and exploiting some of this code.

reply

colinbartlett | karma 5459 | avg karma 4.98 · | 2016-06-24 20:41:08+00:00

I think it's interesting and noteworthy and I enjoy and upvote every time such vulnerabilities are reported here on HN.

throwno | karma 14 | avg karma 0.21 · | 2020-01-10 17:08:23

So true. I saw this vulnerability was posted a day ago, and immediately flagged.

fulafel | karma 12262 | avg karma 1.65 · | 2018-03-03 12:04:07+00:00

Vulnerabilities are discovered, exploits are implemented.

benmmurphy | karma 2132 | avg karma 2.69 · | 2013-01-08 20:46:22+00:00

I think people went looking for ways to exploit this vulnerability and ending up finding this vulnerability.

bdrum | karma 0 | avg karma 0.0 · | 2021-03-19 20:06:29+00:00

There are so many news about different exploits. Let's closer look how it is working.

Oculus | karma 1506 | avg karma 3.61 · | 2014-09-24 14:44:31+00:00

Have big security vulnerabilities been cropping up more often recently or does it seem that way because I've started to pay attention?

modoc | karma 3015 | avg karma 3.4 · | 2021-12-13 14:35:28

It was being exploited in the wild at least as early as Dec 1st (based on log analysis I've seen). The rate of attempted exploits went WAY up after the 9th.

vmception | karma 13016 | avg karma 1.62 · | 2021-04-06 10:22:52+00:00

Also its worth considering that all these applications get updated like every week, so something that was ruled out in the past can be exploitable now.

JoshTriplett | karma 44606 | avg karma 4.76 · | 2017-11-29 08:21:55

Exactly. I intentionally posted this separately, because it's particularly interesting where and how the vulnerability was originally posted. And it certainly seems to have attracted some discussion.

Scoundreller | karma 16473 | avg karma 1.92 · | 2019-04-27 04:37:03+00:00

Which vulnerability was this?

snvzz | karma 9921 | avg karma 2.04 · | 2020-06-08 17:35:19+00:00

They've learned about plausible deniability.

At least, if it looks like a vulnerability, they can probably get away with it.

reply

numpad0 | karma 6056 | avg karma 1.35 · | 2023-04-10 11:26:00

Vulnerabilities are discovered too

dfranke | karma 7261 | avg karma 4.85 · | 2009-05-21 18:36:26+00:00

Huh. This is a pretty straightforward vulnerability. The fact that it took anyone this look long to notice makes me skeptical that it's really this simple. I'll make a note to toy with this and see if it's actually exploitable.

jgeralnik | karma 1150 | avg karma 5.64 · | 2013-01-08 16:40:37

That's how this vulnerability came to light. After finding out about the last vulnerability, there was a huge amount of interest in seeing if parameters could be exploited, leading to a number of people simultaneously discovering this flaw.