Two Photofucket sellers (a tool to retrieve images from private Photobucket folders) arrested & faci - Polidicks - Facepunch Forum

Two Photofucket sellers (a tool to retrieve images from private Photobucket folders) arrested & faci

28 replies, posted
In This Thread

[url]http://www.engadget.com/2015/05/08/photofucket-fusking-arrest/[/url] [quote=Engadget]Years before stolen pictures of celebs hit the internet in a massive bundle, news that Reddit posters were searching for private photos popped up under the term "fusking." As detailed by Buzzfeed in August of 2012, Reddit channels were dedicated to using a security flaw in Photobucket.com to search for pictures posted in private folders. If anyone on the internet knew (or could guess) a private photo's direct URL it was visible, and guessing the default filename of digital photos isn't very difficult. Today the US Department of Justice is announcing the arrest of two men for selling "Photofucket" software that it says stole guest passwords for protected albums and sought out those private pictures. Brandon Bourret of Colorado and Athanasios Andrianakis of Californias are facing charges of "computer fraud and abuse, access device fraud, identification document fraud and wire fraud." Access device fraud carries the longest potential penalty, with up to ten years in federal prison and a $250k fine per count. According to the indictment (PDF), evidence against Bourret and Andrianakis includes emails they sent discussing exploits, customer service messages to Photofucket buyers, and Paypal transfers to fund the operation.[/quote]

there is an exploit like this for google+ because most peopel dont set the images privacy because its turn on to backup to google and automatically sets it as public. just in a hidden album anybody can access by changing one thing in the url.

[QUOTE=ashrobhoy;47695196]there is an exploit like this for google+ because most peopel dont set the images privacy because its turn on to backup to google and automatically sets it as public. just in a hidden album anybody can access by changing one thing in the url.[/QUOTE] seeing how there's like 30 characters of random in a g+ photo URL, want to back that up?

Same thing applies to facebook too iirc

Now we just need to arrest people who use Photobucket. I have no idea why people think that Photobucket, Imageshack, and Tinypic are acceptable in 2015.

[QUOTE=LordCrypto;47695681]seeing how there's like 30 characters of random in a g+ photo URL, want to back that up?[/QUOTE] Well if it was anything like photo bucket all someone had to do was post 1 picture from a private album. Since a lot of people upload a few photos at a time you could just change the last digit or two and see other pictures in the private album. It's by no means a master key into the album in its entirety, but still a flaw none the less.

[QUOTE=Reds;47696369]Now we just need to arrest people who use Photobucket. I have no idea why people think that Photobucket, Imageshack, and Tinypic are acceptable in 2015.[/QUOTE] fuck the gyazo users too

Good, that's some creepy shit

[QUOTE=sambooo;47696749]fuck the gyazo users too[/QUOTE] whats wrong with gyazo?

Now you can just zip your most private ones on dropbox/Google drive or whatever and put the rest on imgur and it's fine

[QUOTE=Reds;47696369]Now we just need to arrest people who use Photobucket. I have no idea why people think that Photobucket, Imageshack, and Tinypic are acceptable in 2015.[/QUOTE] Genuine Question: Can someone explain to me why these sites are "unacceptable"?

[QUOTE=Feroaffer;47697258]whats wrong with gyazo?[/QUOTE] ads, and it's slow as shit use sharex

[QUOTE=Xyrec;47697312]ads, and it's slow as shit use sharex[/QUOTE] [URL="http://i.gyazo.com/2cdbbca684759d5d92cc33478202f1cc.png"]Oh boy it's really hard to get past these ads.[/URL]

[QUOTE=spiritlol;47697359][URL="http://i.gyazo.com/2cdbbca684759d5d92cc33478202f1cc.png"]Oh boy it's really hard to get past these ads.[/URL][/QUOTE] Most people send the shitty link that filled with ads.

[QUOTE=TornadoAP;47697298]Genuine Question: Can someone explain to me why these sites are "unacceptable"?[/QUOTE] I think the biggest problem is both the design of the sites and the difficulty of use. I remember using Photobucket back when I was newer to the internet, and even back then I thought it was convoluted as fuck just to upload some pictures. Same with imageshack, I literally used imageshack once and thought it was so stupid that I never did again, however I do know of a lot of people that still use it frequently for whatever reason. Want to see a good image uploading site? Imgur is a good example. All you need to do is simply drag a photo onto the browser page and it starts uploading instantly, not only that but you can make albums and such without needing to make an account iirc. I'm sure it isn't the best, but it works great for quick image uploading. These sites like Photobucket and Imageshack are kind of like dinosaurs in the internet world, they are outdated and haven't really made any efforts to compete with the likes of imgur and other similar sites.

Cubeupload master race

[QUOTE=Zezibesh;47697593]Cubeupload master race[/QUOTE] I liked tehupload before it got (and I quote) "hacked by arabs".

sharex + imgur or your own site or dropbox, etc. that has space on it.

[QUOTE=ashrobhoy;47695196]there is an exploit like this for google+ because most people dont set the images privacy because its turn on to backup to google and automatically sets it as public. just in a hidden album anybody can access by changing one thing in the url.[/QUOTE] Back it up? -- As far as I know (and being the android nerd I am) photos (Google+ app) automatically backs up into a private folder that cannot be accessed by anyone besides the owner of the account; the photos can be shared individually/per x amount on google plus/via messages but due to high risk of some photos being rather 'naughty' or anything its definitely not put to share by default, only to the private folders. (check under plus.google.com/photos , on the right when you click on a photo you can see it's set to 'private'). Besides that the images are requested per PID / OID ..which are generated and are like 20 characters long each ? [editline]10th May 2015[/editline] When you surf to a photo that's not yours / not your accounts / not shared with you and in the private automatically backed up folder it shows an empty frame.. So ?

[QUOTE=kittymoron;47697731]sharex + imgur or your own site or dropbox, etc. that has space on it.[/QUOTE] And pastebin + github for code

[URL="http://pomf.se/"]Pomf.se[/URL] is godlike. Really fast servers, simple/clean no-bullshit website and direct links. Can even use it for WebM's and normal files. No image compression either. The site is open-source too so you can host a version yourself or use sites using the same code like [URL="https://maxfile.ro/"]maxfile.ro[/URL]

Filesmelt was really good before it got fucked up and never fixed

[QUOTE=Reds;47696369]Now we just need to arrest people who use Photobucket. I have no idea why people think that Photobucket, Imageshack, and Tinypic are acceptable in 2015.[/QUOTE] it was great in its time but they kept adding so much bullshit it wasn't even funny PB is a piece of shit now

[QUOTE=Feroaffer;47697258]whats wrong with gyazo?[/QUOTE] I pronounce it Gayzo and can't stop myself even though I clearly see that it doesn't say Gayzo

[QUOTE=TheTalon;47700469]I pronounce it Gayzo and can't stop myself even though I clearly see that it doesn't say Gayzo[/QUOTE] What's wrong with being a gayzo?

[QUOTE=Tobin;47700559]What's wrong with being a gayzo?[/QUOTE] I think most people see the Gyazo and think what the fuck how do i say that and then they go for Gayzo?

not using your own servers [url]http://files.copypaste.science/DT6W[/url]

I wish people who still used gyazo would kindly fuck off go away with your peasant image site, filthy street urchin

Sorry, you need to Log In to post a reply to this thread.