Anonymous ID: 83b580 July 15, 2020, 6:15 p.m. No.9974361   🗄️.is 🔗kun

>>9974279

 

Its comped. No doubt. It has already been found by /ourguys/ if there are warnings regarding the app. Unfortunately it is very common for these apps to gather info, Voice print, Face recognition, gather connections, geo location etc… Tic-Tok is more than likely an aggregate data collector for dynamic profiling of users. It will take some time pull together…. I will personally post whatever I find.

Anonymous ID: 83b580 July 15, 2020, 6:34 p.m. No.9974558   🗄️.is 🔗kun   >>4579 >>4596 >>4607 >>4756 >>4775

>>9974541

 

It was pseudo code….

 

>>9511175

def visit_twitter_and_log_in

visit 'https://cards-dev.twitter.com/validator'📁

find('input.js-username-field').set(ENV['TWITTER_USERNAME'])

find('input.js-password-field').set(ENV['TWITTER_PASSWORD'])

click_on('Log in')

end

def enter_url_and_click_preview(url)

find('input.FormControl').set(url)

click_on('Preview card')

result = has_content?('Page fetched successfully')

visit 'https://cards-dev.twitter.com/validator'📁

end

end

Q

Anonymous ID: 83b580 July 15, 2020, 6:42 p.m. No.9974622   🗄️.is 🔗kun   >>4657

>>9974579

 

It does have potential to become something else. Nothing a little digging into the code base can't reveal. It appears to be a pointer to that area of code. Something around the auth code. MSFT did this type of BS all the time. They left known exploits in the code for years so nefarious actors could walk in and out of the infrastructure whenever they desired. I always thought that Gussifer used some of these gaps in the code. He moved through infrastructures very seamlessly. He had insider knowledge or found the gaps. This twatter exploit feels like one of those hacks.

Just an observation….digging

Anonymous ID: 83b580 July 15, 2020, 6:56 p.m. No.9974772   🗄️.is 🔗kun

>>997468

 

Anon is referring to Tic-Tok app. (Currently under validation.) Auth code for twatter is behind the front end in scripts er….sill poking around. May take a little moar to capture the actual script.

Anonymous ID: 83b580 July 15, 2020, 7:07 p.m. No.9974853   🗄️.is 🔗kun

>>9974786

So you don't know?

Linked auth script is behind the WAF. How does that compare to the actual auth code. Admin portal give full access to all accounts? This is the front door. What about the open windows?