How Hackers Could Delete Any YouTube Video With Just One Click!

A security researcher has discovered a simple but critical vulnerability in Google-owned YouTube that could be exploited by anyone to knock down the whole business of the popular video sharing website.

Ethical Hacking News

Kamil Hismatullin, a Russian security bod, found a simple logical vulnerability that allowed him to delete any video from YouTube in one shot.

While looking for Cross-Site Scripting (XSS) or Cross-Site Request Forgery (CSRF) flaws in YouTube Creator Studio, Hismatullin came across a simple logical bug that could wipe up any video by just sending an identity number of any video in a post request against any session token.

The bug was simple but critical as it could be exploited by an attacker to fool YouTube easily into deleting any video on its system.

"I've fought the urge to [delete] Bieber's channel," Hismatullin wrote in his blog post. "Luckily no Bieber videos were harmed."

Citing the consequences of the issue, Hismatullin said "this vulnerability could create utter havoc in a matter of minutes in [attackers'] hands who could extort people or [just] disrupt YouTube by deleting massive amounts of videos in a very short period of time."

The researcher reported the bug to Google, and the search engine giant fixed the issue within several hours. Hismatullin won $5,000 cash reward from Google for finding and reporting the critical issue and an extra $1337 under the company’s pre-emptive vulnerability payment scheme.

Over a month ago, a similar bug was reported in Facebook's own systems that could have exploited by attackers to delete any photo from anyone’s Facebook account. However, the social networking giant fixed the relatively simple issue.

Comments

Create Your Own Social Networking Site

Create Your Own Social Networking Site JCOW: Ethical Hacking Top 10 reasons to choose Jcow:- 1. Handle more traffic - Clean codes and Dynamic caching can lower the CPU load and speed up your website. 2 Make your site more interactive - Well designed Jcow applications help you members to connect and communicate with others more effectively. 3 Add questions to the Registration Form - You can add new member fields, which will be displayed to the registration form, profile form, and the member browsing form. 4 Easily share stuff - Within the AJAX sharing Box, your members can publish status, photos, videos, and blogs. 5 Customize and Extend your Jcow Network - A Jcow network consists of core apps(like "Friends" and "Messages") and optional apps(like "Blogs" and ""Videos"). You can enable/disable optional apps. You can also develop your own apps. 6 Every profile could be Unique - Members can customize their own profile theme and add music play...

Latest Notepad Tricks 2015 !!

By these Latest Notepad Tricks 2015 you will be having great fun. You just need is to copy the code from here and paste in the notepad and save it with extension “ .bat ” . 1 Notepad trick to Test Antivirus :- By using these trick you can easily test your antivirus working perfectly or not. X5O!P%@AP[4PZX54(P^) 7CC)7}$EICAR-STANDARD- ANTIVIRUS-TEST-FILE!$H+H* save it as test.exe and run the file and check if your antivirus detects it then your antivirus working perfectly otherwise change your antivirus. 2 Make A Personal Log-Book or A Diary :- Copy the below code and paste it in notepad and save it as “ log.txt”. .LOG Now every time you open this log file you will have all the log details with date and time. 3 Constantly Repeat Any Messages :- This is one of the Latest Notepad tricks that will repeat any of messages on computer screen repeatedly.Just copy the below code and paste in the notepad and save it as “ message.bat”. @ECHO off...

Selecting a minister who is prime: The British Elections

#10 Downing Street is the British equivalent, in London, of our White House. And there is a mad scramble among seven contenders to sit in it. n the United Kingdom, for the first time in five years, the people are going to the polls. It will happen two weeks from today, and the country with a population just shy of 70 million, a nation that has been out greatest ally almost since the day after we whipped them in our great Revolutionary War and sent them packing, except for the unpleasant time they burned down Washington DC of course, does things a bit differently than we do. Current Prime Minister, David Cameron They have no president, and what they have, the prime minister, is not elected like our president is. In fact, in the House of Commons, their lower, popularly elected house of 650 members, the people cast the votes for the members of some seven to twelve different parties. The party that gets the most votes usually will then be asked by the Queen to form a government. And t...

DOYLC

Search This Blog