1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Youtube hacked

Discussion in 'YouTube' started by Anubis1980, Sep 27, 2010.

Tags:
  1. Anubis1980

    Anubis1980 Regular Member

    Joined:
    Mar 20, 2010
    Messages:
    276
    Likes Received:
    81
    Occupation:
    webmaster and father
    Youtube got hacked and many video titles are changed.You can read more on /youtubegothacked(DOT)wordpress(DOT)com .

    Xss site scripting method..Really cool and viral..
     
  2. bugsniper

    bugsniper Newbie

    Joined:
    Aug 8, 2010
    Messages:
    26
    Likes Received:
    2
    The real hacker is most likely DudeTubeHacker, he made an attack list long time ago, and followed it as planned.

    Someone also made the youtube account "saadzim", trying to take adventage of the situation, and pretend to be the hacker, commenting "haha I hacked you" in various videos (Some people will probably ask him how he has done that, and he'll answer them that if they will give him their passwords they will know...)

    No accounts were hacked, only the titles. About 2K video titles were hacked, probably the hacker abused a bug in the HTML script, I have no real idea, maybe you do.

    Maybe this hacking operation will get him a job in a High Tech company, who knows.
    It took youtube 3 hours to take control of the situation. The next attack will probably come soon..

    Sorry for digging I am just bored.
     
  3. Anubis1980

    Anubis1980 Regular Member

    Joined:
    Mar 20, 2010
    Messages:
    276
    Likes Received:
    81
    Occupation:
    webmaster and father
    lol dude...:rolleyes:
    Migueltarga and saadzim found this security hole and its made by a php script.. Link to script its posted on this wordpress blog on first post.Also the list of the victims..
     
  4. robertpaultech

    robertpaultech Registered Member

    Joined:
    Sep 13, 2010
    Messages:
    71
    Likes Received:
    1
    really shocked to hear this.
     
  5. accelerator_dd

    accelerator_dd Jr. VIP Jr. VIP Premium Member

    Joined:
    May 14, 2010
    Messages:
    2,441
    Likes Received:
    1,005
    Occupation:
    SEO
    Location:
    IM Wonderland
    XSS is CrossSiteScripting and it's a client side attack. It's not server based so the titles have been changed by infected users rather then the hacker. :)
     
  6. menzow

    menzow Junior Member

    Joined:
    Apr 20, 2010
    Messages:
    141
    Likes Received:
    101
    Thats indeed correct,
    But hey, whats the difference? If you change a website's appearing to everyone who is using the website, and has javascript enabled, its like hacking the website serverside right?

    You can even get logins etc, by making a small iframe, and using a cookie hijacking trick.

    Or just redirect all the users to another site.. etc.


    Seriously, XSS has became really hot lately, and its indeed one of the easiest way to exploit a famous website.
     
  7. ReggaeShark

    ReggaeShark Elite Member

    Joined:
    Jul 27, 2010
    Messages:
    1,952
    Likes Received:
    606
    Gender:
    Male
    Occupation:
    The Tea Seller
    Location:
    India
    I agree. a gr8 hacker :p
    last tym they did xss on orkut :p
    changed the comm owners :D
    and recently "Bom Sabado" day b4 yesterday or b4 tht :D
     
  8. sakkid

    sakkid Newbie

    Joined:
    Apr 26, 2009
    Messages:
    3
    Likes Received:
    1
    I thought BIG G had the best programmers on the planet! Google should just hire this guy..... Or have they?
     
  9. bannedfree

    bannedfree Regular Member

    Joined:
    Jan 31, 2010
    Messages:
    444
    Likes Received:
    43
    Occupation:
    World Wide Web Worker
    Location:
    near an active volcano
    LoL this is not about hacking man. Anubis1980 just wants to gain traffic to wards his site.

    Notice his first post he is telling about YT got hacked and refers to a site.WP for more details of the story which happens to be obviously a blog. Since its a .wp.com

    2nd thing is that he then mentioned about scripting method and viral stuff like that.

    But i give a good credit to Anubis though for thinking a good topic for someone to be interested in and visit his blog. Good thinking man. nice move. ;)
     
  10. kingpin123

    kingpin123 Registered Member

    Joined:
    Apr 2, 2009
    Messages:
    64
    Likes Received:
    22
    Home Page:
    yes orkut was screwed the day before yesterday
     
  11. pruss25

    pruss25 Newbie

    Joined:
    Sep 17, 2010
    Messages:
    42
    Likes Received:
    4
    Ha yeah that's what I thought when I read the first post.

    Pretty good thinking though. :cool:
     
  12. accelerator_dd

    accelerator_dd Jr. VIP Jr. VIP Premium Member

    Joined:
    May 14, 2010
    Messages:
    2,441
    Likes Received:
    1,005
    Occupation:
    SEO
    Location:
    IM Wonderland
    Iframing some affiliate for entertainment (since it has sick coversions) when used with videos would make them millions!!!

    And google doesn't have the best hackers in the world. I know one of them (talked to him 2 times) and he is teaching people for free (not noobs but ppl that want to learn). He doesn't have a high paying IT job. He does it because he loves it, not for the money. Google has the money hackers that will never be good at it.

    Google "Adrian Lamo" to get the insignt of how a real hacker thinks if you're interested.
     
  13. Anubis1980

    Anubis1980 Regular Member

    Joined:
    Mar 20, 2010
    Messages:
    276
    Likes Received:
    81
    Occupation:
    webmaster and father
    Hi ppl,

    lol..sure.. i won´t gain traffic to a site..Its just to show the dark side of youtubes security and also to show you that google is trying to hide this.Search for it, you won´t find many sources.


    My niche is amateur and mobile porn.I´m good in it ;)

    mysql_query("INSERT INTO vagina (vid) VALUES ('".$_GET["c"]."')"); ;)
     
    • Thanks Thanks x 1