Imgur 0-day exploit used as botnet

09-22-2015, 02:18 PM #1

Tustin

Balls of Steel

5,462

Posts

310,706

Reputation

2,580

Credits

Former Staff

May 2008

NextGenUpdate

(adsbygoogle = window.adsbygoogle || []).push({}); Saw this on Reddit and thought it was interesting. Basically someone found an exploit in Imgur that let them upload an image injected with a payload that contains some code/other files. What did they do with this exploit? Used it to open tons of other images from both 4chan and/or 8chan when the user views the hacked images and posted it on said sites, thus creating a DDoS attack. Pretty neat stuff.

You must login or register to view this content.

The code in question
You must login or register to view this content.

(adsbygoogle = window.adsbygoogle || []).push({});

The following 4 users say thank you to Tustin for this useful post:

Alt, NJN, RTE, Jon Snow

09-22-2015, 02:32 PM #2

RTE

Former Staff

3,317

Posts

64,003

Reputation

6,019

Credits

NextGenUpdate Elite

Feb 2013

NextGenUpdate

Originally posted by Big

Saw this on Reddit and thought it was interesting. Basically someone found an exploit in Imgur that let them upload an image injected with a payload that contains some code/other files. What did they do with this exploit? Used it to open tons of other images from both 4chan and/or 8chan when the user views the hacked images and posted it on said sites, thus creating a DDoS attack. Pretty neat stuff.

You must login or register to view this content.

The code in question
You must login or register to view this content.

das some spooky shit Badass

09-22-2015, 02:49 PM #3

Oneup

Guest

n/a

Posts

n/a

Reputation

n/a

Credits

Member

Once upon a time...

NextGenUpdate

Originally posted by Big

Saw this on Reddit and thought it was interesting. Basically someone found an exploit in Imgur that let them upload an image injected with a payload that contains some code/other files. What did they do with this exploit? Used it to open tons of other images from both 4chan and/or 8chan when the user views the hacked images and posted it on said sites, thus creating a DDoS attack. Pretty neat stuff.

You must login or register to view this content.

The code in question
You must login or register to view this content.

I was reading about that earlier this morning. Thought it was kinda slick how they went about it.

09-22-2015, 02:59 PM #4

Ciri

I defeated!

657

Posts

20,583

Reputation

106

Credits

Member

Mar 2014

NextGenUpdate

i did this Drack

09-22-2015, 03:49 PM #5

Jon Snow

Di DonDadda

2,956

Posts

45,434

Reputation

5,968

Credits

Premium

Mar 2013

NextGenUpdate

Originally posted by Big

Saw this on Reddit and thought it was interesting. Basically someone found an exploit in Imgur that let them upload an image injected with a payload that contains some code/other files. What did they do with this exploit? Used it to open tons of other images from both 4chan and/or 8chan when the user views the hacked images and posted it on said sites, thus creating a DDoS attack. Pretty neat stuff.

You must login or register to view this content.

The code in question
You must login or register to view this content.

thats some crazy shit

09-22-2015, 06:10 PM #6

ResistTheSun

In Flames Much?

12,310

Posts

95,219

Reputation

1,427

Credits

Former Staff

Sep 2010

NextGenUpdate

Wow....

Credit to them. Guessing it was easy to find the source of the attack given how it was linked an image.

09-22-2015, 06:49 PM #7

Esker

Samurai Poster

2,317

Posts

15,832

Reputation

126

Credits

Member

Jul 2013

NextGenUpdate

is it patched?

09-22-2015, 07:46 PM #8

avatar1o1234

Samurai Poster

2,605

Posts

8,666

Reputation

2,141

Credits

Member

May 2014

NextGenUpdate

Lol Damn people know now.

09-22-2015, 09:23 PM #9

Alt

Banned

13,577

Posts

160,977

Reputation

7,531

Credits

Banned

Jul 2010

NextGenUpdate

Originally posted by Big

Saw this on Reddit and thought it was interesting. Basically someone found an exploit in Imgur that let them upload an image injected with a payload that contains some code/other files. What did they do with this exploit? Used it to open tons of other images from both 4chan and/or 8chan when the user views the hacked images and posted it on said sites, thus creating a DDoS attack. Pretty neat stuff.

You must login or register to view this content.

The code in question
You must login or register to view this content.

It was patched yesterday You must login or register to view this content.

09-23-2015, 11:02 AM #10

Toxic

former staff

1,803

Posts

24,297

Reputation

806

Credits

Former Staff

May 2015

NextGenUpdate

Originally posted by Big

Saw this on Reddit and thought it was interesting. Basically someone found an exploit in Imgur that let them upload an image injected with a payload that contains some code/other files. What did they do with this exploit? Used it to open tons of other images from both 4chan and/or 8chan when the user views the hacked images and posted it on said sites, thus creating a DDoS attack. Pretty neat stuff.

You must login or register to view this content.

The code in question
You must login or register to view this content.

You must login or register to view this content. :|