Paul Dixon, aka Lordelph, the owner of pastebin.com (great idea for a website, btw) posted a blogentry about this here: http://blog.dixo.net/2009/10/07/pastebin-com-and-password-lists, you might get the rest of the story out of major media coverage.
While i really like the pastebin-concept i also like making fun of users contents: Doing a google-search for mailaccounts or password does reveal quite a few posts hosting passwords of different origins: There is are bulletin-boards complete userdatabase-dump, published by hacker-kids dissing other hacker-kids. There are gmail-accounts with passwords stored in scripts using the account for automatically sending emails or attachments.
I found a working facebook-account in another script.
And finally i found that google is not only indexing, but also caching the pastebin-entrys. So if you tag your pastebin-text with a lifetime of one day, or if you delete your pastebin-entry it is rather likely that searchengines have already indexed and cached your entry, thus totally subverting the TTL-concept of pastebin.
Seems like pastebin.com and its sisterprojects in other tlds (Thanks Paul for making the source available!) would be a nice place to spend the next procrastrinated afternoon.
Back to work now.
tom
3 comments:
Really informative post. This blog provide very useful information for everyone and thanks for sharing.
Thank you for the good writeup. It in fact was a amusement account it. Look advanced to far added agreeable from you! By the way, how could we communicate?
VoilĂ une description qui donne envie... Je le note dans un coin ! :)
voyance gratuite
Post a Comment