Search Results
7/26/2025, 9:10:16 AM
>>511391083
Here’s the RCA on the leak:
>python script used to obtain the leaked data
>https://archive.is/20250725223325/
Hilarious. Basically this python script is doing a get call against the base URL, which is defined as a variable. It’s then looking for any type of status 200 response which is a http return code that shows content is available from the get call. From that point forward, the script works on the status 200 response to grab jpg images. There’s nothing here with authentication. Everything was publicly available this was 100% on the application side. This was not a hack. Shit was wide open.
The below URL (picrel) is what they were supposed to do to prevent the doxxing event that they created! They never secured their data lmao! No crime was committed. It’s like leaving the data in a public space unattended.
https://repost.aws/knowledge-center/secure-s3-resources
Here’s the RCA on the leak:
>python script used to obtain the leaked data
>https://archive.is/20250725223325/
Hilarious. Basically this python script is doing a get call against the base URL, which is defined as a variable. It’s then looking for any type of status 200 response which is a http return code that shows content is available from the get call. From that point forward, the script works on the status 200 response to grab jpg images. There’s nothing here with authentication. Everything was publicly available this was 100% on the application side. This was not a hack. Shit was wide open.
The below URL (picrel) is what they were supposed to do to prevent the doxxing event that they created! They never secured their data lmao! No crime was committed. It’s like leaving the data in a public space unattended.
https://repost.aws/knowledge-center/secure-s3-resources
Page 1