An Interest In:
Web News this Week
- April 28, 2025
- April 27, 2025
- April 26, 2025
- April 25, 2025
- April 24, 2025
- April 23, 2025
- April 22, 2025
Some of Our Sources
- Technology Review
- Joshua Blankenship
- FanExtra - PSD
- My Ink Blog
- Web Design Ledger
- Reencoded
- Stylized Web
- Web Resource Source
- The Verge
- TechPowerUp
Help Webnuz
Referal links:
May 2, 2016 06:00 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/XY2g-Q_kU0Q/audiophile-torrent-site-whatcd-fully-pwnable-thanks-to-wrecked-rng
Audiophile Torrent Site What.CD Fully Pwnable Thanks To Wrecked RNG
Reader mask.of.sanity writes: Users of popular audiophile torrent site What.CD can make themselves administrators to completely compromise the private music site and bypass its notorious download ratio limits thanks to the use of the mt_rand function for password resets, a researcher has found. From the report (edited and condensed):What.CD is the world's most popular high quality music private torrent site that requires its users to pass an interview testing their knowledge of audio matters before they are granted an account. Users must maintain a high upload to download ratio to continue to download from the site. [...] "I reported it a year ago, and they acknowledged it but said 'don't worry about it,'" said New-Zealand-based independent security researcher who goes by the alias ss23.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/XY2g-Q_kU0Q/audiophile-torrent-site-whatcd-fully-pwnable-thanks-to-wrecked-rng
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot