So the actual email used to phish John Podesta ended up in the Wikileaks dump. It's here https://wikileaks.org/podesta-emails/emailid/36355 …
-
-
-
This is a reconstruction of that phishing email. (All of the information is bogus - the mention of Ukraine isn't relevant here). pic.twitter.com/EvFhdYfZaI
-
You can't tell just by looking, but that "Change Password" link doesn't take you to Google. It takes you to Bit.ly. pic.twitter.com/e6Rm71YTfG
-
This link expands to a fake login page (note URL is for a .tk site). This is what Podesta saw when he accidentally gave creds to hackers. pic.twitter.com/3Cc8KxvjNf
-
But the hackers screwed up. The hackers weren't hacking one-by-one; so URL contraction wasn't done manually. It was done via the Bitly API.
-
Using the Bitly API requires you create an account. So the hackers had to create an account. And they forgot to make their account private.
-
It's no longer possible - the hackers have changed their settings - but before you could simply enumerate ALL of the contracted links.
-
The Bitly link in John Podesta's email is visible in the Wikileaks dump here https://wikileaks.org/podesta-emails/emailid/36355 … pic.twitter.com/PNEN96Cfq3
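An added example, not part of the original thread: a defender-side check for the pattern described above, where a "Change Password" link in a mail claiming to be from Google points at a URL shortener and the expanded page sits on a .tk host. The sample HTML, the placeholder short link, the landing URL and the watch lists are all constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl"}   # assumed sample list
WATCH_TLDS = {"tk"}                                        # assumed; the thread mentions a .tk site
ACTION_WORDS = ("password", "sign in", "verify", "login")  # assumed keywords

class LinkCollector(HTMLParser):
    """Collect (visible text, href) pairs for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def on_brand(host, brand_domains):
    # Exact match or true subdomain only, so "google.com.evil.tk" does not pass.
    return any(host == d or host.endswith("." + d) for d in brand_domains)

def assess(text, url, brand_domains):
    """Return the reasons a link in a mail claiming to be from brand_domains is suspect."""
    host = (urlsplit(url).hostname or "").lower()
    reasons = []
    if host in SHORTENERS:
        reasons.append("shortener hides destination")
    if host.rsplit(".", 1)[-1] in WATCH_TLDS:
        reasons.append("watch-listed TLD")
    if any(w in text.lower() for w in ACTION_WORDS) and not on_brand(host, brand_domains):
        reasons.append("credential prompt leaves brand domain")
    return reasons

def scan(html, brand_domains):
    parser = LinkCollector()
    parser.feed(html)
    return {href: assess(text, href, brand_domains) for text, href in parser.links}

# Constructed sample, not the real message: placeholder short link and landing URL.
SAMPLE = ('<p>Someone has your password.</p><a href="https://bit.ly/EXAMPLE">Change Password</a> '
          '<a href="https://support.google.com/accounts">Help</a>')
EXPANDED = "http://accounts.google.com.login.example.tk/signin"  # constructed

print(scan(SAMPLE, ["google.com"]))
```

Running `assess` a second time on the expanded destination (here the constructed `EXPANDED` value) is what catches the look-alike host that the shortener concealed.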
@pwnallthethings @PeterDEdmonds Ah, the same folks who gave us WMDs in Iraq are right without question, but Assange is lying. Really?
@BSamCook @PeterDEdmonds None of this is info from the IC.
@pwnallthethings Great sleuthing there, by the way.
@PeterDEdmonds @pwnallthethings It should also be noted that there were dissenting opinions in the IC on WMDs but it was Bush who misused it
@Karna6e @PeterDEdmonds @pwnallthethings Absolutely correct. Team Bush cherry picked the hell out of the intelligence.
@BfloDude @Karna6e @PeterDEdmonds @pwnallthethings the source for WMD came via Hannah and Libby (Cheney's office). It wasn't from CIA, FBI.
@DigiRanger1994 @MomsThoughts @BfloDude @Karna6e @PeterDEdmonds @pwnallthethings I've been screaming that from rooftops. Trumpers don't care
@pwnallthethings Compelling argument. My question for other #infosec experts: Any room for reasonable doubt? Or is this a 99.9% sure thing?
@DaveMosher Curious if @pwnallthethings would class this as "hired help" as opposed to state actor (strictly speaking)
@Mad_Science_Guy My guess, based on evidence touted by @pwnallthethings, is hired help. Counterpoint: maybe designed to look that way?
@DaveMosher @pwnallthethings Hired help fits Occam's razor, given that you can hire ppl to mount any damn thing and get LOIC attacks free.+
@darsal @Mad_Science_Guy @DaveMosher @pwnallthethings these links are 504, where is the full Bitly src of all links generated by this acct?