Backend Development

Exploiting puush image uploader

Submitted by Rooba, , Thread ID: 29878

Thread Closed
21-02-2017, 01:39 PM
#1
A few years back puush's urls used to be formatted like puu.sh/{Image_ID}/ and you could bruteforce every url since they upload with a sequential ID.
Now they have implemented a passkey by the looks of it, formatted like puu.sh/{Image_ID}/{passkey}.png
I believe that the passkey is a cut from a timestamp, ran through a salt or something. I believe this because for examplehttps://puu.sh/tXXS5/8a1ddb334d.png will bring you to a text file, and increment it +3 and you will be able to view another text file. Now when the next text file was generated, it didn't give the same key as the key that allows you to view it. If the timestamp is ran through something like sha1, it could be semi easy to bruteforce puush again minus the part of needing to figure out the exact time of every image uploaded.

Now i may be completely wrong about the key, but it seems like a reasonable explanation but other explanations or ideasare very appreciated.

Users browsing this thread: 1 Guest(s)