Skip to content

Commit

Permalink
Quick security post this weekend.
Browse files Browse the repository at this point in the history
  • Loading branch information
adir1 committed Sep 7, 2024
1 parent 20833da commit 3fdf4b6
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion content/posts/2024-tiktok-security-hole-schoker/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ Some more details on this common vulnerability - their login API (/send_code) di

The sad reality is that most email accounts quickly get found out via all kinds of hacks and leaks, and end up on dark-web for sale mostly to spammers and hackers. Interestingly there was a challenge attempted by TikTok initially - showing puzzles to verify if I am human. However simply cancelling the puzzle few times convinced them somehow not to show it any more.

It is also very possible that there is rate limiter setup in front of the API - however this also offers limited protection as slower rate of requests may not trigger it, and attack by randomizing source IP should also confuse it.
It is also very possible that there is a rate limiter setup in front of the API - however this also offers limited protection as slower rate of requests may not trigger it, and attack by randomizing source IP also likely to confuse it.

## Recent related Squarespace hack

Expand Down

0 comments on commit 3fdf4b6

Please sign in to comment.