test content
Logo
What is the Arc Client?
Install Arc
Howdy, Stranger!
Comments
-
Today I got hacked again. Funny facts... I received the email for password regen when I tried to reset the password again to get access to my account I had to do it about 5 times because everytime I generated a password when I was clicking on the link it said that the links was invalid! Funny right? NOT! I already changed…
-
No.. I left home at 9am and arrived about 8pm, and I have no acess to my email during that timespan, and the attack was at 12:37.... no chances on that! I tought about all those question, I investigated all that I can... The only way I can have 100% sure about the link exploit is I hack some account... but seriously I…
-
I am almost 100% sure that the problems is on the hash generated to create the link! It is probably generated with data like username / timastamp or something easy to get it! If the attacker knows by change what is inside the hash it will probably try to generate a bunch of codes to get the correct link! This is…
-
As I told before: No accesses from anyone besides me for the last days...
-
You are being blind with your cepticism! If in fact there was a root kit that was keylogging or some kind of stealling there would be no need to try to retrieve the password, they would just log in and there would be any emails except the guard system saying that someone asked for authorization! Also once again there was…
-
I think that it may not be so dificult to bypass the email, if somehow the guy who is doing this have found a pattern on the hash generated to the password recovery or somehow knows the algorithm that generates because it may be used on other systems too What happens is that when you request a password the link becomes…
-
This is the exact same situation... the same modus operandi! So there must be a flaw on the password recovery link!
-
Hello breakfast!