Canti

Foto Bucket Bypass

228 posts in this topic

If you have an old version of the script decode the hex and replace it with the ascii version of the URL.

I'd be greatful if someone could post just the proper ascii version of the URL, i have been up forever, and I think that's the problem I'm having. I must sleep, but I also want to see this bad boy work.

0

Share this post


Link to post
Share on other sites

If you have an old version of the script decode the hex and replace it with the ascii version of the URL.

I'd be greatful if someone could post just the proper ascii version of the URL, i have been up forever, and I think that's the problem I'm having. I must sleep, but I also want to see this bad boy work.

Its in hex to prevent indexing by Google so please don't post it in public view.

0

Share this post


Link to post
Share on other sites

If you have an old version of the script decode the hex and replace it with the ascii version of the URL.

I'd be greatful if someone could post just the proper ascii version of the URL, i have been up forever, and I think that's the problem I'm having. I must sleep, but I also want to see this bad boy work.

Its in hex to prevent indexing by Google so please don't post it in public view.

I don't plan on it, I'm just trying to figure out if this "[function.file-get-contents]: failed to open stream: No such file or directory in...." is coming from

0

Share this post


Link to post
Share on other sites

OMG this thing is leet. props to you canti. would you mind filling us in on *how* you found this? just curious. and yes, please, lets take this to pm's everyone. and to guy that pm'd it to me, thank you very much sir, but pleaseeeee dont send it to anyone else. lets keep this among ourselves. and mods, leet name change of thread plese.

0

Share this post


Link to post
Share on other sites

OMG this thing is leet. props to you canti. would you mind filling us in on *how* you found this? just curious. and yes, please, lets take this to pm's everyone. and to guy that pm'd it to me, thank you very much sir, but pleaseeeee dont send it to anyone else. lets keep this among ourselves. and mods, leet name change of thread plese.

How:

Flash slide shows need to get their data from some where ;)

PM's:

I posted the script minus the URL should help people a little bit.

Leet:

Please no 'leet' I can't stand it nor the thought of a thread of mine being molested by such childish cyphers.

Question:

Why is it that my tittle is " I broke 10 posts and all I got was this lousy title! " and not " n00bie " like others who broke 10? I like it just strange that I seem to be the only one with it.

Edited by Canti
0

Share this post


Link to post
Share on other sites

wow. this is great stuff now if only i can get it working. =/

i understand the code... i can decode a hex url... but the thing is where do i get the hexed url to decode? could someone help me out please? much thanks.

:)

-edit-

lmao! hahaha. the status names are funny. i'm "The One" i hope it doesn't stay that way for long.

Edited by iteknia
0

Share this post


Link to post
Share on other sites

well, i have it uploaded to a site, yes saved as .php, yes the site supports php, but all i get is a blank screen... any ideas?

blank screen, are you editing the variable usr on the script? It should not be edited, you should pass usr trough the browser.

That fixed my problem with blank screen.

0

Share this post


Link to post
Share on other sites

could someone please pm the hexed version of the url or how to obtain it please? i'm going nuts here reading the code over and over.

0

Share this post


Link to post
Share on other sites

OMG this thing is leet. props to you canti. would you mind filling us in on *how* you found this? just curious. and yes, please, lets take this to pm's everyone. and to guy that pm'd it to me, thank you very much sir, but pleaseeeee dont send it to anyone else. lets keep this among ourselves. and mods, leet name change of thread plese.

How:

Flash slide shows need to get their data from some where ;)

PM's:

I posted the script minus the URL should help people a little bit.

Leet:

Please no 'leet' I can't stand it nor the thought of a thread of mine being molested by such childish cyphers.

Question:

Why is it that my tittle is " I broke 10 posts and all I got was this lousy title! " and not " n00bie " like others who broke 10? I like it just strange that I seem to be the only one with it.

Canti, cool thread. Thanks for sharing. :D

Don't worry, we won't obfuscate the thread title. If _you_ had asked, it would have been considered, but a thousand "hide this from the next guy kplzthx" wouldn't matter if it isn't from the party who disclosed. Everyone else, it really doesn't matter since it has been crawled already anyway. Not to mention there are about 2000 people at least doing this left and right. I'll go out on a limb and say it has been noticed.

0

Share this post


Link to post
Share on other sites

Nice bypass that you found there, knowing photobucket however it's doubtful you can find many interesting images from people. But regardless...

speak for yourself, i got 3 dudes haveing naked pictures of themselves (eww) and 2 girls same thing (yay).

ohw i modified the script so it automaticly downloads all the pictures and puts them in a .zip :devil:, no more thumbnails for me.

0

Share this post


Link to post
Share on other sites

What are the rules regarding offering products for sale?

IE I have a couple dedicated servers that I could offer accounts on for fairly cheap. More or less cost of resources used.

And DO NOT pm me asking about it unless it is allowed by mods...

0

Share this post


Link to post
Share on other sites

mmm, if your planning on selling accounts for the purpose of people being able to run your exploit, thats illegal i do beleive.

in other words:

dont do it?

0

Share this post


Link to post
Share on other sites

No not related to this script. I just noticed a major lack of webspace among binrev users.

0

Share this post


Link to post
Share on other sites

This post is a bit off topic, but I didn't start a new thread as I imagine that it might be of interest to most of the people following this thread.

I have seen people post on other boards that occasionally they are playing around on photobucket, and when they try to access a locked account it will automatically grant them access as "logged in read only", without entering a password or anything. Then, for some period of time, they can access 95% of locked accounts as "logged in read only".

Until today, I thought this story was some sort of bs (perhaps a cover for people who were crafty enough as Canti to be able to find a deliberate way to see pics :D ). Well, today, it happened to me. I was checking out a few buckets to see if they were locked or not when all of sudden a locked one opened up as "logged in read only". I was never prompted to put in a password or anything. And then for a couple hours I was able to see 95% of the locked accounts. My browser locked up and I had to restart, and then I no longer had such access. But a few minutes later it started working again. But once I closed my browser it would no longer work for me and hasn't worked since.

Does anyone have any idea what might have given rise to this "glitch"? It was pretty cool to be able to have access to all the accounts without having to do anything at all (call me lazy LOL).

0

Share this post


Link to post
Share on other sites

This post is a bit off topic, but I didn't start a new thread as I imagine that it might be of interest to most of the people following this thread.

I have seen people post on other boards that occasionally they are playing around on photobucket, and when they try to access a locked account it will automatically grant them access as "logged in read only", without entering a password or anything. Then, for some period of time, they can access 95% of locked accounts as "logged in read only".

Until today, I thought this story was some sort of bs (perhaps a cover for people who were crafty enough as Canti to be able to find a deliberate way to see pics :D ). Well, today, it happened to me. I was checking out a few buckets to see if they were locked or not when all of sudden a locked one opened up as "logged in read only". I was never prompted to put in a password or anything. And then for a couple hours I was able to see 95% of the locked accounts. My browser locked up and I had to restart, and then I no longer had such access. But a few minutes later it started working again. But once I closed my browser it would no longer work for me and hasn't worked since.

Does anyone have any idea what might have given rise to this "glitch"? It was pretty cool to be able to have access to all the accounts without having to do anything at all (call me lazy LOL).

That was the first exploit I was using until it was patched it seems you stumbled across another entry point. If you could PM me a copy of your history I would gladly look thought it and if I find a working exploit I will send you the details before passing it on to any one else.

(See the other thread that this spawned from for more details)

Edit: Found it. No need for a copy of your history. :)

Edited by Canti
0

Share this post


Link to post
Share on other sites

thanks to a certain member here i am now using a MUCH simpler way to log in everything as read only. it works 100% of the time and is only a one step (one key actually) process with no scripts or programs or anything needed, contained entirely within the address bar :D

0

Share this post


Link to post
Share on other sites

Broken thumbnail (sub folders) fixed. (Updated on my first post)

0

Share this post


Link to post
Share on other sites

thanks to a certain member here i am now using a MUCH simpler way to log in everything as read only. it works 100% of the time and is only a one step (one key actually) process with no scripts or programs or anything needed, contained entirely within the address bar :D

i just found a new way done completely in the address bar..... but i'm still not sure exactly what it was i did, but it was very similar to the original address bar trick

0

Share this post


Link to post
Share on other sites

can someone explain, step by step, what edits need to be made to the php code to make this work? i have limited experience with php and simply can't figure this out.

what are the proper urls and where can they be found (either the hex or ascii versions?) i don't see any hex urls anywhere in the code.

thanks!

0

Share this post


Link to post
Share on other sites

can someone explain, step by step, what edits need to be made to the php code to make this work? i have limited experience with php and simply can't figure this out.

what are the proper urls and where can they be found (either the hex or ascii versions?) i don't see any hex urls anywhere in the code.

thanks!

It was removed on purpose. You may find someone willing to give it to you.

0

Share this post


Link to post
Share on other sites

can someone explain, step by step, what edits need to be made to the php code to make this work? i have limited experience with php and simply can't figure this out.

what are the proper urls and where can they be found (either the hex or ascii versions?) i don't see any hex urls anywhere in the code.

thanks!

It was removed on purpose. You may find someone willing to give it to you.

Doh. I missed that in the first line of the code. I'm an idiot.

If anyone is willing to PM me the URL - either hexed or in ASCII, I'd be forever grateful.

0

Share this post


Link to post
Share on other sites

this whole...address bar haxing thing...fill me in someone?

0

Share this post


Link to post
Share on other sites

Get your post count up and I would be happy to :)

But unless your an active contributing member of this site I don't feel the need.

can someone explain, step by step, what edits need to be made to the php code to make this work? i have limited experience with php and simply can't figure this out.

what are the proper urls and where can they be found (either the hex or ascii versions?) i don't see any hex urls anywhere in the code.

thanks!

It was removed on purpose. You may find someone willing to give it to you.

Doh. I missed that in the first line of the code. I'm an idiot.

If anyone is willing to PM me the URL - either hexed or in ASCII, I'd be forever grateful.

0

Share this post


Link to post
Share on other sites

Get your post count up and I would be happy to :)

But unless your an active contributing member of this site I don't feel the need.

can someone explain, step by step, what edits need to be made to the php code to make this work? i have limited experience with php and simply can't figure this out.

what are the proper urls and where can they be found (either the hex or ascii versions?) i don't see any hex urls anywhere in the code.

thanks!

It was removed on purpose. You may find someone willing to give it to you.

Doh. I missed that in the first line of the code. I'm an idiot.

If anyone is willing to PM me the URL - either hexed or in ASCII, I'd be forever grateful.

Understandable. I felt like a jerk, just asking for it outright.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now