Video and picture drip through misconfigured S3 buckets
Typically for images or other asserts, some sort of Access Control List (ACL) could be in position. A common way of implementing ACL would be for assets such as profile pictures
The main element would act as a вЂњpasswordвЂќ to gain access to the file, in addition to password would simply be offered users whom need usage of the image. When it comes to a dating application, it is whoever the profile is presented to.
We have identified several misconfigured buckets that are s3 The League throughout the research. Continue reading Therefore I reverse engineered two dating apps.