Coping MAGA on Twitter
twitter.com
BREAKING: There was just a #parlerhack, this was publicly available and unencrypted on their public API endpoint. Not sure what they've changed yet, although expect a ton of data shortly, we will post updates. #ParlerLeaks pic.twitter.com/s5ZTtQJw7c— Coping MAGA (@CopingMAGA) November 24, 2020

Oh, it is good.

https://twitter.com/hashtag/ParlerLeaks

https://twitter.com/hashtag/parlerhack

Post any good finds.

Best explanation I've seen why this is a big deal.

WordPress Config file being accessible is a big yikes. Gives you the destination for the DB as well as the username and password to sign into it. MySQL export and anything not using MD5 Hash is visible right away - the rest? Decrypt.

Soon as the DB has been exported, game over.

https://twitter.com/IckleIzu/status/1331401417186299909

  • ocho [they/them]
    ·
    4 years ago

    Didn't you need a SSN to make an account? Does that get leaked too? :party-sicko:

    • charles_xcx [he/him]
      ·
      4 years ago

      lmaoooooo why would anyone ever give their ssn to a social media website

      • anthropicprincipal [any]
        ·
        4 years ago

        Apparently it was only for their eqv to blue check accounts.

        They needed the SSN to make payments for ad revenue sharing as well.

        So if the SSNs do get leaked it is going to be grifter ahoy.

    • anthropicprincipal [any]
      ·
      4 years ago

      They hardcoded the salted passwords next to the key. It would be like posting a physical key on a locked door.

      My friend teaches C+ at a community college and he would fail whatever monkey wrote this code.