122

Downloaded example code and he left gmail credentials in...

Comments
  • 5
    Well that was silly
  • 17
    Time to let the author know...
  • 14
    Login to his Gmail & change the name to "Ever heard about .env files"

    That should be legal.
  • 7
    @niush no, it's not
  • 7
    @asgs I'm not getting myself into a hacker lawsuit for fun, enough people that reported stuff like that, that got the boot up their ass.

    Especially considering somebody might be abusing it already and I'd be the easy target for it then.
  • 4
    My friend’s friend got fired for checking in AWS credentials in company’s own private Git cloud. Scary mistake though!
  • 11
    @JoshBent You aren’t hacking him, he literally handed you his credentials. It’s not trespassing if you get an invitation to come inside.
  • 6
    @FelisPhasma good luck explaining that to a court, that has abused multiple times now the hacker law against whitehats.
  • 1
    @JoshBent what country are you in btw?
  • 2
    @FelisPhasma not doxxing myself in any way
  • 6
    @JoshBent Like the other person said, you are only merely going to point them out a mistake that they made

    If you feel that's an unnecessary risk and huge PITA due to how laws are structured and executed, I feel for you. "No Good deed goes unpunished"
  • 4
    @asgs I have followed white hat cases close enough, even local incidents and I am not going near anything like that indeed.

    I'd rather spend my time at home than battling with my lawyer in court, just because that one dev fucked up and had his gmail leaked - which doesn't affect me whatsoever besides a post on devrant.

    Also I haven't tested these credentials, they did look legitimate, but who knows if he changed it since, has been around 8 months since he released the videos and code too.
  • 1
    @asgs Several thousand times?
  • 1
    @d4ng3r0u5 come again?
  • 1
    @JoshBent Ok I respect not wanting to “dox” yourself. I was just curious because I don’t think I’ve heard of “hacker laws” being abused by the courts where I live.
  • 2
    @asgs Letting the author know, several thousand times, using his own email credentials.
  • 2
    @d4ng3r0u5 haha. Needn't necessarily do it via his email account. A comment on his tutorial or an email to that address is sufficient

    Anyway, this all seems silly now
  • 1
    @FelisPhasma I was globally referring to what is essentially rephrased into multiple countries in some shape or form, e.g. https://en.wikipedia.org/wiki/...
  • 2
    Such pretty colors
  • 1
  • 4
    Have you thought about informing that person through an "institution"? Not sure what your local go to would be, for me it would be https://ccc.de
  • 1
    @Wack for leaked gmail credentials? that sounds overkill.
  • 2
    If you want to stay anonymous...
  • 2
    @Wack if I want to stay anonymous I post it on devrant censored and carry on lol
  • 1
    @Wack I'd post the source for people to contact him themselves if they want to, but then the same people that suggest to "teach him a lesson" - would out of boredom do it.
  • 2
    @JoshBent oh. Love me some cyberpunk themed editors
  • 2
    @JoshBent @Root since we are at it.
    You both might like this one, as well:
    https://dev.to/_marcba/...
  • 2
    @JoshBent @-ANGRY-CLIENT- But. VSCode :<
    I wonder if there's a sublime port?
  • 1
    @-ANGRY-CLIENT- looks nice, but the glow would tilt me through a wall after a while lol!
  • 2
    @Root I doubt it, the engines are hugely different I believe :/
  • 1
    @-ANGRY-CLIENT- just saw you might be able to adjust the amount of glow, so will give it a try in a bit, thanks!
  • 1
    @-ANGRY-CLIENT- not my thing, looked prettier or less aggressive on the screenshots haha
  • 1
    contact "him" on that gmail from your own email saying you changed the his password for him and wait for the response.
  • 0
  • 0
    @JoshBent Use Tor (or Tails VM if you're overly cautious), google for a tmp-mail service and send him an email.

    Even more cautious would be to use a reputable VPN on your Host and Tails as Guest which'll use that VPN, too.
  • 0
    LMAOOOOO.

    That’s why you use throwaways or don’t use your personal mail accounts at all ⚰️
  • 0
    @LinusCDE I'll make sure to do all that and use public wifi, just to message him about this, absolutely.
  • 1
  • 2
    @Root 🦄🍭🍬🍡
  • 1
    Ah PHPMailer my beautiful friend
  • 0
    Could be an app specific password?
  • 0
    See it it is linked to a PayPal or similar
Add Comment