Homebrew PeggleCrew Hijacking /r/3dshacks Subreddit

chaoskagami

It's back to normal now, but what I want to know is what exactly did they insert into the page and do we need to be worried about possible drive-by exploits?

If anything this can only affect serverside rather than reader side. Reddit will always have a cached copy but it won't change the fact that unless they find out who's compromised, it won't stop.

Actually, I didn't get the time to analyze that image, but there's nothing preventing it from being an image-based exploit. Remember libtiff on the PSP?
 

The Real Jdbye

If anything this can only affect serverside rather than reader side. Reddit will always have a cached copy but it won't change the fact that unless they find out who's compromised, it won't stop.
Anything that is sent to the client side has the potential to affect the client side if they make use of drive-by exploits. Basically, drive-by exploits are exploits in software on the client side which, once an infected page is visited, can be used to install malware without the user's knowledge or consent.
I didn't get a chance to have a look at the source code of the part they added or the image itself, which is why I'm wondering.
 

Misledz

Actually, I didn't get the time to analyze that image, but there's nothing preventing it from being an image-based exploit. Remember libtiff on the PSP?
Similar to the one on devhook days? If so then yeah, but Chrome for some reason can sort out these kinds of exploits so I'm not so worried. If I'm having a harder time getting exploit pages to run on Chrome than on my Wii U, then I guess Google's doing a good job :P
 

chaoskagami

Similar to the one on devhook days? If so then yeah, but Chrome for some reason can sort out these kinds of exploits so I'm not so worried. If I'm having a harder time getting exploit pages to run on Chrome than on my Wii U, then I guess Google's doing a good job :P

Exploits in Chrome require ROP. Memory protection. And on top of that, you also have to get out of the sandbox. Firefox, on the other hand...you may want to turn off JIT.

Also, the 3DS and WiiU technically are WebKit, not Blink.
 

The Real Jdbye

Similar to the one on devhook days? If so then yeah, but Chrome for some reason can sort out these kinds of exploits so I'm not so worried. If I'm having a harder time getting exploit pages to run on Chrome than on my Wii U, then I guess Google's doing a good job :P
Browser devs make continuous efforts to block known exploits, but there are always new ones being found that aren't publicly known yet, so you're not protected from everything. Even antivirus, firewall and antispyware software won't protect you from everything.
These people seem like just your average skiddie though, so they probably wouldn't have access to unpatched exploits, but you never know.

Exploits in Chrome require ROP. Memory protection. And on top of that, you also have to get out of the sandbox. Firefox, on the other hand...you may want to turn off JIT.

Also, the 3DS and WiiU technically are WebKit, not Blink.
I have NoScript and reddit.com is disabled on it, is that good enough? :P (Firefox though)
 

chaoskagami

Browser devs make continuous efforts to block known exploits, but there are always new ones being found that aren't publicly known yet, so you're not protected from everything. Even antivirus, firewall and antispyware software won't protect you from everything.
These people seem like just your average skiddie though, so they probably wouldn't have access to unpatched exploits, but you never know.

Yeah, I doubt it. Though there's nothing stopping them from targeting fixed exploits in hope someone hasn't updated.
 

Misledz

Browser devs make continuous efforts to block known exploits, but there are always new ones being found that aren't publicly known yet, so you're not protected from everything. Even antivirus, firewall and antispyware software won't protect you from everything.
These people seem like just your average skiddie though, so they probably wouldn't have access to unpatched exploits, but you never know.


I have NoScript and reddit.com is disabled on it, is that good enough? :P (Firefox though)

Exploits in Chrome require ROP. Memory protection. And on top of that, you also have to get out of the sandbox. Firefox, on the other hand...you may want to turn off JIT.

Also, the 3DS and WiiU technically are WebKit, not Blink.

I have learned much today. Thanks Sensei's
 

chaoskagami

Browser devs make continuous efforts to block known exploits, but there are always new ones being found that aren't publicly known yet, so you're not protected from everything. Even antivirus, firewall and antispyware software won't protect you from everything.
These people seem like just your average skiddie though, so they probably wouldn't have access to unpatched exploits, but you never know.


I have NoScript and reddit.com is disabled on it, is that good enough? :P (Firefox though)

For scripts, yes. Not images.
 

chaoskagami

...HAHAHAHAHAHAHAHA! Remember kids, don't use your browser's built in password saver.

And remember: use a combination of capital/lowercase letters, numbers, symbols and use more than two words!
 

The Real Jdbye

For scripts, yes. Not images.
I doubt they found some image exploit, but I wasn't actually able to save the image to have a look at it (the option wasn't there in the right-click menu, probably because it used some weird CSS or JS as I've experienced the same problem on other sites, even here on GBAtemp) so I can't know for sure. I just tend to be paranoid about computer security (and most other things :P )
 

chaoskagami

I have a txt that contains all my random character passwords and a 19 digit password on the zip. None of the random passwords are labeled.
FITE ME

Better than a closed source password management tool or a browser plugin.

I hope you're using AES and not ZipCrypto, though.
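
Added example, not part of the thread and not any poster's code: one way to check which scheme a password-protected ZIP actually uses, the AES versus ZipCrypto distinction raised in the post above. It reads general-purpose flag bit 0 and the compression-method field (99 marks WinZip AES) from the central directory; the function names and the sample archive are constructed for illustration.

```python
import io
import struct
import zipfile

AES_METHOD = 99          # WinZip AE-x: real method is stored in extra field 0x9901
FLAG_ENCRYPTED = 0x0001  # general-purpose bit 0: member is encrypted
FLAG_STRONG = 0x0040     # general-purpose bit 6: PKWARE strong encryption

def classify(info):
    """Return 'none', 'zipcrypto', 'aes' or 'pkware-strong' for one ZipInfo."""
    if not info.flag_bits & FLAG_ENCRYPTED:
        return "none"
    if info.compress_type == AES_METHOD:
        return "aes"
    if info.flag_bits & FLAG_STRONG:
        return "pkware-strong"
    return "zipcrypto"  # bit 0 set with an ordinary method = traditional PKWARE cipher

def audit(archive):
    """Map each member name to its scheme. Only lists entries; no password needed."""
    with zipfile.ZipFile(archive) as zf:
        return {i.filename: classify(i) for i in zf.infolist()}

def exposed_members(archive):
    """Members stored in the clear or under the legacy ZipCrypto cipher."""
    return sorted(n for n, k in audit(archive).items() if k in ("none", "zipcrypto"))

def sample_zip():
    """Constructed sample: central directory only (enough to list, not to extract)."""
    aes_extra = struct.pack("<HHH2sBH", 0x9901, 7, 2, b"AE", 3, 8)  # AE-2, AES-256
    entries = [("notes.txt", 0, 8, b""), ("old.txt", 1, 8, b""),
               ("vault.txt", 1, AES_METHOD, aes_extra)]
    cd = b""
    for name, flags, method, extra in entries:
        raw = name.encode()
        need = 51 if method == AES_METHOD else 20  # "version needed to extract"
        cd += struct.pack("<4s4B4HL2L5H2L", b"PK\x01\x02", 20, 0, need, 0,
                          flags, method, 0, 0x21, 0, 0, 0,
                          len(raw), len(extra), 0, 0, 0, 0, 0) + raw + extra
    eocd = struct.pack("<4s4H2LH", b"PK\x05\x06", 0, 0,
                       len(entries), len(entries), len(cd), 0, 0)
    return io.BytesIO(cd + eocd)

if __name__ == "__main__":
    for name, kind in audit(sample_zip()).items():
        print(f"{name}: {kind}")
```

Either way, ZIP encryption leaves member names and sizes readable in the central directory, which is why the listing works without the password.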
 
