Dumping Yahoo authentication secrets with an out-of-bounds read (scarybeastsecurity.blogspot.com)
91 points by scarybeast on May 20, 2017 | 7 comments

For those wondering, this issue (referred to as YB2 or Yahoobleed #2 by the author) has already been fixed by Yahoo:

> Yahoo! fixed YB2 at the same time as YB1, by retiring ImageMagick.

FWIW, I've been very impressed with how Yahoo! handled this disclosure.

Ouch. I have a site that generates images with ImageMagick based on user input. Guess I'm off to look for details.

This is YB (Yahoobleed) #2. You might also enjoy YB #1: "*bleed continues: 18 byte file, $14k bounty, for leaking private Yahoo! Mail images": https://scarybeastsecurity.blogspot.com/2017/05/bleed-contin...

What is pointer visualization?

  Neo stares at the endlessly shifting river of
  information, bizarre codes and equations flowing across
  the face of the monitor.

  Do you always look at it encoded?

  Have to. You have no idea what the
  server is running - there's way too
  much information to decode the Yahoo.
  You get used to it, though.  Your brain
  does the translating.  I don't even
  see the code.  All I see is "pointer",
  "string  compare", "function call".
  You want a drink?

Interpreting memory as an image and suspecting that the memory contains a pointer.
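As an added example (not code from the blog post or from any of the commenters), the following Python script shows the idea behind "pointer visualization" in working form: a buffer of leaked memory is rendered as an 8-bit greyscale image, and aligned 64-bit words are scanned for the shape of an x86-64 Linux user-space pointer. The byte string `LEAKED_CHUNK` is constructed for this example and is not the Yahoo leak; the address ranges used as hints (`0x7f...` for mmap'd libraries and the stack, `0x55.../0x56...` for PIE binaries and the heap, and the 48-bit canonical limit) are general facts about x86-64 Linux, and the names `render_ascii`, `classify_word`, `find_pointer_candidates` and `group_by_page` are this example's own.

```python
import struct

# Constructed sample (not the real Yahoo leak): 64 bytes of "uninitialised
# heap" as they might spill into an image when a decoder reads out of bounds.
LEAKED_CHUNK = (
    b"ABCDEFGH"                                  # ASCII junk, not a pointer
    + struct.pack("<Q", 0x00007F3A1C2B3000)      # mmap/libc-style address (assumed)
    + bytes(8)                                   # zeroed word
    + struct.pack("<Q", 0x000055D4C9E01230)      # PIE binary/heap-style address (assumed)
    + struct.pack("<Q", 0xFFFFFFFFFFFFFFFF)      # -1, not user-space
    + struct.pack("<Q", 0x00007F3A1C2B3A40)      # second address in the same page
    + struct.pack("<Q", 10000)                   # small integer
    + struct.pack("<Q", 0xDEAD)                  # small integer
)

ASCII_RAMP = " .:-=+*#%@"         # dark (0x00) to bright (0xff)

USER_VA_MAX = 0x00007FFFFFFFFFFF  # top of the canonical user half on 48-bit x86-64
MIN_PLAUSIBLE = 0x10000           # below the usual mmap_min_addr; treat as "not mapped"


def render_ascii(data, width=8):
    """Interpret bytes as 8-bit grey pixels, `width` per row, and return an ASCII
    rendering. With width a multiple of 8, little-endian pointers line up so
    their two high zero bytes form a dark stripe at the right of each word."""
    rows = []
    for start in range(0, len(data), width):
        row = data[start:start + width]
        rows.append("".join(ASCII_RAMP[b * (len(ASCII_RAMP) - 1) // 255] for b in row))
    return rows


def classify_word(value):
    """Heuristic: does a 64-bit word look like an x86-64 Linux user-space pointer?
    Returns a region label, or None when it does not."""
    if value < MIN_PLAUSIBLE or value > USER_VA_MAX:
        return None
    top_byte = value >> 40
    if top_byte == 0x7F:
        return "mmap/library/stack"
    if top_byte in (0x55, 0x56):
        return "pie-binary/heap"
    return "other-userspace"


def find_pointer_candidates(data, align=8):
    """Scan aligned little-endian qwords and return (offset, value, label) for
    the pointer-shaped ones. Pointers in a heap chunk are 8-byte aligned, so
    unaligned positions are skipped on purpose."""
    found = []
    for off in range(0, len(data) - 7, align):
        (val,) = struct.unpack_from("<Q", data, off)
        label = classify_word(val)
        if label is not None:
            found.append((off, val, label))
    return found


def group_by_page(candidates):
    """Group candidates by 4 KiB page. Several candidates in the same page is
    much stronger evidence of a real mapping than any single word."""
    pages = {}
    for off, val, _ in candidates:
        pages.setdefault(val >> 12, []).append(off)
    return pages


if __name__ == "__main__":
    for line in render_ascii(LEAKED_CHUNK):
        print(line)
    cands = find_pointer_candidates(LEAKED_CHUNK)
    for off, val, label in cands:
        print(f"offset {off:3d}: 0x{val:016x}  ({label})")
    for page, offs in group_by_page(cands).items():
        print(f"page 0x{page:x}: {len(offs)} candidate(s) at offsets {offs}")
```

Rendering the leaked bytes with a row width that is a multiple of 8 is what makes pointers jump out to the eye: every 64-bit user-space address ends in two zero bytes and a small high byte, so the right-hand columns of each word go dark in a regular pattern that random pixel data never produces. The scan then confirms the suspicion numerically, and the page grouping is the sanity check a practitioner applies before trusting a single candidate.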
