did u notice How much waybackurls is powerful?

4 years ago 179
BOOK THIS SPACE FOR AD
ARTICLE AD

Newbie

This is a short story of how I was able to read strangers' messages in a random known platform “Omegle”.

So here we go, I get a little bored and I went to little enjoy in omegle.com it’s a random known stranger video chat, as usual, I started chatting with others and when I end up the chat with someone I notice there is a generator button that saves your chat in this endpoint logs.omegle.com/XXXXXX and it contains the whole chat with the person that you was chatting with, my mind reminds me that subdomain could contain other strangers logs at this point I remembered waybackurls way I go up to web.archive.org and I did use the cdx URL endpoint I think every bug hunter know what I’m talking about I put the domain logs.omegle.com and the result blew my mind :

Image for post

Image for post

it contains a big list of saved chat of other strangers and it discloses a lot of personnel information, this is a PII leak of Omegle users (addresses-number phones- Instagram id ……)

Be aware of what u are saying when u are using a website chat it really does not know how your information could be leaked or how it could be used from unknown third parties.

thank you for reading this, don’t forget to notify your friends and families

best regards,

Read Entire Article