GitHub, one of the most popular code repository hacked by one of their displeased member. The name of that displeased member is Egor Homakov. He is a Russian Programmer. The hacker was displeased because he found some vulnerabilities in Rails and informed Rails and GitHub about the vulnerabilities. But none of them took it seriously.
After that Egor Homakov found some sections of GitHub very weak in security as GitHub was partly developed in Ruby on Rails.Homakov informed the GitHub about those vulnerabilities. But two days later he found that GitHub didn't patch those vulnerabilities and as a result he decided to exploit them.
Egor Homakov, the hacker gained administrator privileges by exploiting a vulnerability which was related to a public key form update.
"That was pretty funny. Firstly, I could write post from 1234 year or 4321. Then, I could make a post pretending i am DHH. That was funny too. Then I could wipe any post in any project. That wasn't that funny but pretty dangerous," Egor Homakov wrote on his blog after hacking GitHub.
GitHub have patched the flaw which was exploited by Egor Homakov for gaining access. GitHub also have suspended his account for not respecting the site’s terms and conditions and reviewing on his activity GitHub insisted him. GitHub has apologized for obfuscating the how white hat hackers should disclose security vulnerabilities and set up a new help page that clearly lists how to report issues.
0 Comments
Leave a comment here.. :)
thanks..
______________________________________________________
Yuka db: "Nothing special.. Just You 'n Yourself...."