Check out this hacker sting - poetry in motion

brador14y ago· 2 in thread

How did they extract such extensive information about him if he was just using a WP plugin?

I'm assuming the blog the kid used the plugin on had all sorts of info and links to his Twitter account, etc.

They left in his real name in one of the screenshots BTW.

IMO it's quite an entertaining SocEng attack. And he just wanted to get the latest version of a commercial WP plugin! hahaha! I was kind of expecting something more malicious: I thought either the source file he requested contained login credentials or other sensitive info, or he was going to send back a "patched" version with a backdoor in it.

Odd, how he went through all that trouble. Anyone know what the plugin does BTW? I haven't looked, is it that good? :)

brador14y ago

Some people just REALLY hate paying for software. I've had users trying to get a discount on a $3 product because they saw a "enter promo code" box (for giving out free betas) on the payment page.

Of course, I removed the box :)

lionyo14y ago

Amusing. Reminds me of how Garry's Mod deliberately enabled an error to shamed pirates looking for help: it would throw an error code that was the user's steamid :)

http://www.gamepron.com/news/2011/04/12/garrys-mod-catches-p...

dramaticus314y ago

So security minded they're using GPG, no wait ...

Check out this hacker sting - poetry in motion (opens in new tab)

Check out this hacker sting - poetry in motion (opens in new tab)

5 comments

5 comments