Hmm, it looks like BitTorrent just added a second token to uTorrent Web. That does not solve the DNS rebinding issue, it just broke my exploit. 
-
-
Are you the only one looking at DNS rebinding? Seems to be everywhere.
-
Yeah, I don't understand why, it's so trivial. I thought the hardest part was setting up a domain for testing, so I made a service anyone can reuse: https://lock.cmpxchg8b.com/rebinder.html
- 1 more reply
New conversation -
-
-
Does that mean the "basket of uTorrent DNS rebinding vulnerabilities" are, contrary to what you reported earlier, *not* fixed?
-
Yes, I updated the issue.
- 1 more reply
New conversation -
-
-
Is the latest releases of uTorrent still not properly patched, or did they get it right at some point? Would love an update on this as it's been a couple of weeks and they obviously claim it's fixed. Thanks!
-
Yes, I believe there's been a new update that solves all the problems reported.
- 1 more reply
New conversation -
-
This Tweet is unavailable.
-
-
is uTorrent 2.2.1 affected too?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.