EbaY Hacked XSS Flash Redirect Exploit Strikes Live Narrated

6,909

Sign in or sign up now!

Uploaded by cappnonymous on Aug 5, 2007

Please read this text accompaniment.
This is a live screen recording of hacking in live listings on ebay.

This video documents one of several different redirect exploits consumers may fall victim to while surfing or browsing ebay.

Let's meet the "seller":
rkng2526 ( 0 )
Member since Aug-04-07
in United States

Here is the item:
Harley-Davidson : Touring 2004 Road King Classic
Item number: 280148328573
Listing and payment details:
Starting time: Aug-04-07 03:18:28 PDT
Starting bid: US $4,700.00
Duration: 3-day listing
This is a Featured Plus! listing
-----------------
EDIT: Please note that as I edit this description at around 10:45 AM Pacific Time, on 08-05-07, the listing is STILL LIVE!
tinyurl.com/yt7nzo

This is part of an ongoing MASSIVE WORLDWIDE HIJACK & HACK ATTACK on ebay.

Please look at my blog for a little follow-up: tinyurl.com/2yrovh

Remember when shopping online, there is no guarantee on ebay, even for obvious flaws which exist WITHIN their site. They have lost control of their own site. A victim of not only the hackers, but their own lax policies, sloppy, substandard dangerous coding errors. and a lack of any real security whatsoever from the looks of IT.

OH, when I said ebay will hold the victim responsible, and will not accept responsibility, I misspoke slightly... Please view the BBC News article: "EBay blames users for fraud" tinyurl.com/2dneg2
------------------
Please visit these sites before you consider using, or continuing to use ebay:
nekkidtruth.blogspot.com
www.firemeg.com
www.companyexposed.com
www.theauctionguild.com
www.pheebay.com
www.ebaymotorssucks.com
www.screw-paypal.com

or you can follow the links from the cappnonymous channel page.
---------------------
Note: This audio/visual digital document was created using the new & improved ZDSoft Screen Recorder 2.6.2.0, Audacity, Windows Movie Maker 2, and "SUPER © v2007.bld.23 (July 4, 2007)", on 08-05-2007, @ approximately 03:16:06 Pacific Time.
The video is uncut. The vocal audio is dubbed.

I am using firefox 2.006 browser, with Adblock Plus, NoScript, Super DragandGo 0.2.6, Image Zoom 0.3, and SlimSearch 0.1.8 extensions, and my "bumped" SpoofStick 1.06, Download Embedded [media] 0.5, among others. My skin is miniFox 0.8.2. The small magnified window is a function of microsoft wireless intellimouse explorer 2.0, model# 1007 (more)

Category:

Comedy

License:

Standard YouTube License

30 likes, 5 dislikes

Uploader Comments (cappnonymous)

Hello edengueta

This is a live screen recording of a dangerous flash manipulation redirect flaw on ebay.

Ebay allows dangerous code in the UGC of site.

Exploiting this flaw allows hackers to steal IDs & personal credentials from unsuspecting ebay surfers, who have been falsely assured of their safety on the ebay site.

Ebay has the abilty to correct this, yet they do not.

Draw your own conclusions as to why not?

Click 'about this video' to read more.

Thank you for watching & commenting.

cappnonymous 3 years ago
hello taano71.

Thanks for watching and commenting. :)))

cappnonymous 4 years ago
That's some shit right there. Some poor sap could have spent $5k on that bike, and ebay would have had no idea that the item was even sold. Good vid, you sound kinda like Joe Pesci though lol.

crw2223 4 years ago 5
Hello crw2223

Thnx for watching&commentng

This is small-time compared 2 what else is out there

Fake ebay sites&pages

Google "Bayrob tojan"

"Fiendish Trojan pickpockets eBay users"

"Trojan Creates Parallel eBay Universe"

"I bought this jeep on eBay and got scammed please help"

cappnonymous 4 years ago
continuing...

Some poor lady lost 8.6K bucks -Ebay says tough luck, even though their poor security, design, policies & false promises are what allows it, and they KNOW it, & they could fix it easily.

This same stuff happens constantly.

They should be held accountable.

Since they have more money than God, they can play big bully/900 lb gorilla

Blaming users for THEIR on -site security failures -NO GUARANTEE -treating them like

garbage = A site to AVOID like the plague!

BOYCOTT ebaY & PayPal!

cappnonymous 4 years ago
Following up, whitegreyhat. This particular redirect uses flash. Ebay is not even equipped to detect the scam. They do not have the plugin & cannot tell it exists. See ebaymotorssucks scam page for a write up on that.

Only ebay knows the numbers. What *everyone* knows is there is a CONSTANT neverending flow. Many use porn pics & they are EVERYWHERE

Please view "ebaY LiveHelp Gives Official Blessing to Obvious Scam! OMFG" and read descr, follow links.

Horrific example of why to avoid ebay.

cappnonymous 4 years ago

Top Comments

That's why I dont buy stuff from ebay lol.

sn1p347 4 years ago 13
very good video ebay is bad i never shop there!!

taano71 4 years ago 11

see all

Video Responses

see all

All Comments (18)

That's an IP address, and the person lives at 650 Manor Park Dr in Columbus, OH 43228

MrMorlonelycat 6 months ago
im sorry my english is bad!!

can you axplain me please what is the minning of this video??!?!

thank you very much...

edengueta 3 years ago
hahhahha my cousion makes bid then my cousion makes a fake page so no one cloud bid anymore hahahahha

peppyers 4 years ago 7
That's really shocking to me. I usually am really careful with my computer and know exactly what I'm dealing with but, I had no I dea someone could do that on Ebay!

KaraConga 4 years ago 6

View all Comments »