Author Topic: Photobucket  (Read 10865 times)

0 Members and 1 Guest are viewing this topic.

Offline indie180

  • V.I.P
  • Homo Superior
  • *
  • Posts: 2821
Photobucket
« on: September 22, 2009, 05:15:46 AM »
Photobucket is not the most secure site in the world.

User's should be aware that if you just close down the window without logging out, it is very easy for any one to view your account. So always log out.

Offline chekovsulu

  • Human
  • *****
  • Posts: 1671
  • Gender: Male
  • With powers of hawk, wolf, puma and bear.
    • TITLE!
Re: Photobucket
« Reply #1 on: September 22, 2009, 08:10:42 AM »
Well that's annoying! >:(

Now Zoidberg is the popular one!

Offline Diabolico

  • Neandertal
  • ***
  • Posts: 448
Re: Photobucket
« Reply #2 on: September 22, 2009, 08:25:05 AM »
More information? Allows for phished session's or some thing else?
Quote from: Brian Moore
Despite the tons of examples and docs, mod_rewrite is voodoo. Damned cool voodoo, but still voodoo.

Offline indie180

  • V.I.P
  • Homo Superior
  • *
  • Posts: 2821
Re: Photobucket
« Reply #3 on: September 22, 2009, 08:42:23 AM »
If you posted a pic anywhere, this one is from the Authors game.



Right click>Properties>copy up to the last / at the users name and you should be able to get in to my account.

 I only use PB for playing games and nothing personal.


Offline Diabolico

  • Neandertal
  • ***
  • Posts: 448
Re: Photobucket
« Reply #4 on: September 22, 2009, 08:56:15 AM »
When say X account logins in, it goes by the string (username), in the url. Rather than authenticating with cookie or session?
Quote from: Brian Moore
Despite the tons of examples and docs, mod_rewrite is voodoo. Damned cool voodoo, but still voodoo.

Offline indie180

  • V.I.P
  • Homo Superior
  • *
  • Posts: 2821
Re: Photobucket
« Reply #5 on: September 22, 2009, 09:08:58 AM »
Did you try to get into my account.

It was set to private, but I just found a bit 'Block All Users' in account options.

I have Blocked All Users, but I can still get in. I need someone else to try.

Offline Diabolico

  • Neandertal
  • ***
  • Posts: 448
Re: Photobucket
« Reply #6 on: September 22, 2009, 09:11:05 AM »
Yes. It took me to the login screen.
Quote from: Brian Moore
Despite the tons of examples and docs, mod_rewrite is voodoo. Damned cool voodoo, but still voodoo.

Offline indie180

  • V.I.P
  • Homo Superior
  • *
  • Posts: 2821
Re: Photobucket
« Reply #7 on: September 22, 2009, 09:13:14 AM »
I've unblock it and if you could try again.

Offline Diabolico

  • Neandertal
  • ***
  • Posts: 448
Re: Photobucket
« Reply #8 on: September 22, 2009, 09:17:56 AM »
Takes me to the login screen :D. Created the below account.



Code: [Select]
http://i661.photobucket.com/albums/uu338/S0xX0r/
Quote from: Brian Moore
Despite the tons of examples and docs, mod_rewrite is voodoo. Damned cool voodoo, but still voodoo.

Offline indie180

  • V.I.P
  • Homo Superior
  • *
  • Posts: 2821
Re: Photobucket
« Reply #9 on: September 22, 2009, 09:23:16 AM »
Just been in it.



Go to account options and block all users and I'll try again

Offline Diabolico

  • Neandertal
  • ***
  • Posts: 448
Re: Photobucket
« Reply #10 on: September 22, 2009, 09:25:18 AM »
Done. >_> it states login, top right hand corner and join now on the menu bar ;).
Quote from: Brian Moore
Despite the tons of examples and docs, mod_rewrite is voodoo. Damned cool voodoo, but still voodoo.

Offline indie180

  • V.I.P
  • Homo Superior
  • *
  • Posts: 2821
Re: Photobucket
« Reply #11 on: September 22, 2009, 09:42:09 AM »
Try setting the account to private, I can get into user's but you can't get into mine.  ???


Offline Diabolico

  • Neandertal
  • ***
  • Posts: 448
Re: Photobucket
« Reply #12 on: September 22, 2009, 09:43:55 AM »
Set it to private.
Quote from: Brian Moore
Despite the tons of examples and docs, mod_rewrite is voodoo. Damned cool voodoo, but still voodoo.

Offline indie180

  • V.I.P
  • Homo Superior
  • *
  • Posts: 2821
Re: Photobucket
« Reply #13 on: September 22, 2009, 09:51:58 AM »
If you set your account to Private you can't get in using that method.

Thanks for your help Diabolico.


Offline indie180

  • V.I.P
  • Homo Superior
  • *
  • Posts: 2821
Re: Photobucket
« Reply #14 on: September 22, 2009, 09:57:50 AM »
I have change mine to Public, try it now.

Offline Diabolico

  • Neandertal
  • ***
  • Posts: 448
Re: Photobucket
« Reply #15 on: September 22, 2009, 10:11:47 AM »




Originally thought you meant haxX0r account that way, that it would enable you change account details etc :-\.
Quote from: Brian Moore
Despite the tons of examples and docs, mod_rewrite is voodoo. Damned cool voodoo, but still voodoo.

Offline indie180

  • V.I.P
  • Homo Superior
  • *
  • Posts: 2821
Re: Photobucket
« Reply #16 on: September 22, 2009, 10:19:16 AM »
I wasn't sure if you could or not, it was hard to say when I was playing around with my own account.  :-\

If Photobucket users make sure their accounts are set to Private, if they aren't already.
« Last Edit: September 24, 2009, 01:20:03 PM by indie180 »

Offline Diabolico

  • Neandertal
  • ***
  • Posts: 448
Re: Photobucket
« Reply #17 on: September 22, 2009, 10:45:32 AM »
Any website that either doesn't encrypt passwords, or secures the strings, are hackable. Limiting the query for retrieving the user account details, on login, is important. As only one account should be retrieved. As it could be possible to dump the Db, if either the username or password string aren't secured (by using a MySql type command).

The check form was submitted, is to check the details were entered through the form and not the address bar.

Code: [Select]
if(isset(submit))
{

// form submitted

}

Encryption is important, with the expectation of double hashing. As if the strings are collided, it might be possible to remove both layers of encryption (if that's the right way of putting it).

Thou the user has an important part to play. As passwords with characters (*[]() etc) should be used, so the possibility of causing a collision is smaller. That with exotic forms of encryption, altering the password string with simple things like reversing the string, changing it to binary, adding characters to it and salting it, add a further layer of protection.

Thou probably the most overlooked part is the users email address, if you gain access to that, you gain access to what ever accounts that email was used to register with.

//Rant over
Quote from: Brian Moore
Despite the tons of examples and docs, mod_rewrite is voodoo. Damned cool voodoo, but still voodoo.

Offline laama

  • Homo Superior
  • ******
  • Posts: 2564
Re: Photobucket
« Reply #18 on: September 22, 2009, 03:55:51 PM »
Photobucket is not the most secure site in the world.

User's should be aware that if you just close down the window without logging out, it is very easy for any one to view your account. So always log out.
I noticed that too and I always log out and close tab after I quit there.

I set my account immediately private I was join there.
i'm waiting for someone to start an antisocial networking site.


Offline mishca09

  • Q
  • *
  • Posts: 11386
Re: Photobucket
« Reply #19 on: September 22, 2009, 06:29:16 PM »
i used to do this a lot, when i was HS. i thought photobucket had fixed the problem.

Offline hmed2390

  • Human
  • *****
  • Posts: 1980
  • Gender: Male
  • Oh boy what a big mess, even Mickey's on acid!
Re: Photobucket
« Reply #20 on: September 28, 2009, 12:44:57 PM »
I use imageshack. They've been fine for the past 2 years.

Photobucket sounds awful.  :-\
A person who won't read has no advantage over one who can't read. -Mark Twain

Offline indie180

  • V.I.P
  • Homo Superior
  • *
  • Posts: 2821
Re: Photobucket
« Reply #21 on: September 28, 2009, 12:51:09 PM »
I use imageshack. They've been fine for the past 2 years.

Photobucket sounds awful.  :-\

I have tried to get into imageshack, no joy, but that's good.  ;D

I still use PB and don't log out.  :D

I like PB, but only use it for the Fora Games.

Offline hmed2390

  • Human
  • *****
  • Posts: 1980
  • Gender: Male
  • Oh boy what a big mess, even Mickey's on acid!
Re: Photobucket
« Reply #22 on: September 28, 2009, 12:53:26 PM »
haha, i see.  :)

Imageshack us awesome for my spamming needs on the forum.  ;D :D
A person who won't read has no advantage over one who can't read. -Mark Twain

Offline Geemonster

  • Banned for all eternity
  • Human
  • *****
  • Posts: 2053
  • Gender: Male
  • Diasfora's Misfit
Photobucket
« Reply #23 on: October 15, 2009, 02:06:16 PM »
There seem to be lots of images deleted by Photobucket here ???

Offline dweez

  • Global Moderator
  • Q
  • *
  • Posts: 11417
  • Gender: Male
  • Rebel Mod
Re: Photobucket
« Reply #24 on: October 15, 2009, 02:11:44 PM »
Well, anything that gets reported to them as being risque is removed (just like most image hosting sites).  Also, a lot of us tend to delete off the images after their usefulness has expired.  I mean, it does not good to keep an image from page 2 of the "Name that Movie" thread when we're on page 94.
--dweez

Offline ohcheap1

  • Q
  • *
  • Posts: 19080
  • Gender: Female
Re: Photobucket
« Reply #25 on: October 15, 2009, 02:22:55 PM »
^^ Yeah baby!! Thats what Im talkin bout!! I have to have things in a certain order so I delete stuff that Im not using all the time. Sadly, some do not understand my obsession.... :-[

Offline Geemonster

  • Banned for all eternity
  • Human
  • *****
  • Posts: 2053
  • Gender: Male
  • Diasfora's Misfit
Re: Photobucket
« Reply #26 on: October 15, 2009, 02:34:00 PM »
Now i know,i understand. :-*

Offline laama

  • Homo Superior
  • ******
  • Posts: 2564
Re: Photobucket
« Reply #27 on: October 15, 2009, 03:38:23 PM »
PhotoBucket sucks.
i'm waiting for someone to start an antisocial networking site.


Offline smokester

  • Administrator
  • Q
  • *
  • Posts: 14942
  • Gender: Male
  • Da mihi castitatem et continentiam, sed noli modo!
Re: Photobucket
« Reply #28 on: October 15, 2009, 04:16:43 PM »
I mean, it does not good to keep an image from page 2 of the "Name that Movie" thread when we're on page 94.

Yeah that would just bump up the bill and waste that valuable 30kb of the 500mb allowance..  Keep that up for the next 17 years and one might just go over the limit ::)
Don't put off until tomorrow, what you can put off until the day after.

There is an exception to every rule, apart from this one.

Offline hmed2390

  • Human
  • *****
  • Posts: 1980
  • Gender: Male
  • Oh boy what a big mess, even Mickey's on acid!
Re: Photobucket
« Reply #29 on: October 15, 2009, 04:21:02 PM »
PhotoBucket sucks.

nice insert there laama.  :D

Yeah that would just bump up the bill and waste that valuable 30kb of the 500mb allowance..  Keep that up for the next 17 years and one might just go over the limit ::)

:D

17 years is an awfully long time smokes.  :D

And let's not forget the legal issues that the AlJazeera issue is bringing about for the forum.  ;)
A person who won't read has no advantage over one who can't read. -Mark Twain

Offline smokester

  • Administrator
  • Q
  • *
  • Posts: 14942
  • Gender: Male
  • Da mihi castitatem et continentiam, sed noli modo!
Re: Photobucket
« Reply #30 on: October 15, 2009, 04:35:20 PM »
nice insert there laama.  :D

:D

17 years is an awfully long time smokes.  :D

And let's not forget the legal issues that the AlJazeera issue is bringing about for the forum.  ;)

I'm not sure why, but everytime you mention Al Jazeera I think of beer.. no wait.. everytime someone posts anything I think of beer.
Don't put off until tomorrow, what you can put off until the day after.

There is an exception to every rule, apart from this one.

Offline hmed2390

  • Human
  • *****
  • Posts: 1980
  • Gender: Male
  • Oh boy what a big mess, even Mickey's on acid!
Re: Photobucket
« Reply #31 on: October 15, 2009, 05:54:56 PM »
 :D

Your mind is linked to kegs. That's the only logical explanation.  8)
A person who won't read has no advantage over one who can't read. -Mark Twain

Offline Geemonster

  • Banned for all eternity
  • Human
  • *****
  • Posts: 2053
  • Gender: Male
  • Diasfora's Misfit
Re: Photobucket
« Reply #32 on: October 16, 2009, 05:37:55 AM »
PhotoBucket sucks.

Goddamn right it does!
I use the demons den image host,i think i still have an imageshack account too.

Offline hmed2390

  • Human
  • *****
  • Posts: 1980
  • Gender: Male
  • Oh boy what a big mess, even Mickey's on acid!
Re: Photobucket
« Reply #33 on: October 16, 2009, 11:23:15 AM »
Every one disses imageshack whenever I bring it up  :D

I've been using it since 08' and they've been pretty decent so far. I even got in touch woth them on several occasions becasue of technical

issues I was facing, and they responded in under 24 hours, resolved the issue, and even accomodated for the hassle I had to put up with.

Geez people, how mean can they be?  :P  :)
A person who won't read has no advantage over one who can't read. -Mark Twain

Offline Geemonster

  • Banned for all eternity
  • Human
  • *****
  • Posts: 2053
  • Gender: Male
  • Diasfora's Misfit
Re: Photobucket
« Reply #34 on: October 17, 2009, 01:47:18 AM »
I had this image,a mod can delete it if applicable
  Anyway my album was private,i had this on it for about 2 years,so i suppose a new person,probably a PC woman took over and deleted my account. ::)
  Photobucket sucks ass.





No mod needed to delete it, Admin did it instead..
« Last Edit: October 17, 2009, 05:42:34 AM by smokester »

Offline hmed2390

  • Human
  • *****
  • Posts: 1980
  • Gender: Male
  • Oh boy what a big mess, even Mickey's on acid!
Re: Photobucket
« Reply #35 on: October 18, 2009, 05:09:58 PM »
^was it chauvinist?   :-\
A person who won't read has no advantage over one who can't read. -Mark Twain

Offline Geemonster

  • Banned for all eternity
  • Human
  • *****
  • Posts: 2053
  • Gender: Male
  • Diasfora's Misfit
Re: Photobucket
« Reply #36 on: October 18, 2009, 10:18:50 PM »
It was a silhouette i'll PM it to you hmed.

Offline Robin-Graves

  • Rev AJ's Grand Inquisitor
  • Homo Superior
  • *
  • Posts: 4278
  • Gender: Male
  • Power doesnt give you the right
Re: Photobucket
« Reply #37 on: October 19, 2009, 10:26:39 AM »
Woohooo! PM it to me too!!!!!Please?
I keep my standards low.
That way im never disapointed.

Offline laama

  • Homo Superior
  • ******
  • Posts: 2564
Re: Photobucket
« Reply #38 on: October 19, 2009, 05:40:14 PM »
Woohooo! PM it to me too!!!!!Please?
+1
i'm waiting for someone to start an antisocial networking site.


Offline hmed2390

  • Human
  • *****
  • Posts: 1980
  • Gender: Male
  • Oh boy what a big mess, even Mickey's on acid!
Re: Photobucket
« Reply #39 on: October 19, 2009, 05:41:21 PM »
LOL
A person who won't read has no advantage over one who can't read. -Mark Twain

Offline laama

  • Homo Superior
  • ******
  • Posts: 2564
Re: Photobucket
« Reply #40 on: October 19, 2009, 06:05:57 PM »
i'm waiting for someone to start an antisocial networking site.


Offline hmed2390

  • Human
  • *****
  • Posts: 1980
  • Gender: Male
  • Oh boy what a big mess, even Mickey's on acid!
Re: Photobucket
« Reply #41 on: October 19, 2009, 06:09:59 PM »
huh?  :P
A person who won't read has no advantage over one who can't read. -Mark Twain

Offline laama

  • Homo Superior
  • ******
  • Posts: 2564
Re: Photobucket
« Reply #42 on: October 19, 2009, 06:10:35 PM »
i'm waiting for someone to start an antisocial networking site.


Offline hmed2390

  • Human
  • *****
  • Posts: 1980
  • Gender: Male
  • Oh boy what a big mess, even Mickey's on acid!
Re: Photobucket
« Reply #43 on: October 19, 2009, 06:11:37 PM »
Don;t mind me, I'm loopy.  :)
A person who won't read has no advantage over one who can't read. -Mark Twain