November 6, 2017

Twitter exploit let two pranksters post a 35,000-character tweet

by John_A

Over the weekend, two German Twitter users broke the existing character limit by sending a 35,000-character tweet. By formatting the message as a URL padded with extensive gibberish, they were able to flood followers’ timelines. Twitter soon removed it, but for a moment, all the complaints about the length of 280-character tweets seemed insignificant in the face of such a monster.

User Timrasett paired up with another user, HackneyYT, to discover the exploit and tweet out the message. The original is gone now, but thanks to the power of the Internet Archive, you can see the colossus here in all its glory. While the text looks like nonsense, buried inside are the components of a URL (notably a ‘.cc’ tucked within), as Twitter user hexwaxwing pointed out:

If you’re wondering how twitter[.]com/Timrasett/status/926903967027785728 works:

[27024-char domain name].cc/[3244-char directory name] pic.twitter.com/vG26Jvz27F

— waxwing:(): &;: (@hexwaxwing) November 4, 2017
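The breakdown in that tweet suggests a length check that trusted anything shaped like a link. The sketch below is an added example, not Twitter's code or its actual fix: it assumes links are charged a fixed cost toward the limit, and the function names, the cost of 23 and the 2048-character URL cap are illustrative assumptions. It compares a loose link check with one that enforces the DNS name limits before granting the fixed cost.

```python
import re

LINK_WEIGHT = 23   # assumed fixed cost charged per detected link
LIMIT = 280        # tweet limit named in the article
MAX_HOST = 253     # DNS limit on a full domain name (RFC 1035)
MAX_LABEL = 63     # DNS limit on one dot-separated label (RFC 1035)
MAX_URL = 2048     # assumed cap on the whole link, path included

# Loose shape test: host.tld or host.tld/path, scheme optional.
LINKISH = re.compile(r"^(?:https?://)?([^\s/]+\.[A-Za-z]{2,})(/\S*)?$")
LABEL = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?$")


def is_plausible_link(token: str) -> bool:
    """Accept a token as a link only if its host could exist in DNS."""
    m = LINKISH.match(token)
    if not m or len(token) > MAX_URL:
        return False
    host = m.group(1)
    if len(host) > MAX_HOST:
        return False
    return all(len(p) <= MAX_LABEL and LABEL.match(p) for p in host.split("."))


def weighted_length(text: str, strict: bool) -> int:
    """Length used for the limit check; each link costs LINK_WEIGHT."""
    tokens = text.split(" ")
    total = len(tokens) - 1  # the spaces between tokens
    for tok in tokens:
        linkish = LINKISH.match(tok) is not None
        if linkish and (not strict or is_plausible_link(tok)):
            total += LINK_WEIGHT
        else:
            total += len(tok)  # not a credible link: count every character
    return total


def accepted(text: str, strict: bool) -> bool:
    return weighted_length(text, strict) <= LIMIT


# Constructed samples. OVERSIZED has the shape from the quoted tweet:
# [27024-char domain name].cc/[3244-char directory name]
OVERSIZED = "a" * 27024 + ".cc/" + "b" * 3244
NORMAL = "see example.com/report for details"

if __name__ == "__main__":
    for name, text in (("normal", NORMAL), ("oversized", OVERSIZED)):
        print(name, accepted(text, strict=False), accepted(text, strict=True))
```

With the loose check the oversized token costs the same as any short link and passes; with the strict check it is counted character by character and rejected.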

Twitter temporarily banned the two users responsible, though their accounts are back online (after thanking Twitter and apologizing for crashing the site). Judging by HackneyYT’s post-ban tweet, both will continue to poke around looking for bugs on the social platform. When reached for comment, a Twitter spokesperson confirmed that the exploit has been fixed and pointed to its rules, specifically:

To promote a stable and secure environment on Twitter, you may not do, or attempt to do, any of the following while accessing or using Twitter:

  • Access, tamper with, or use non-public areas of Twitter, Twitter’s computer systems, or the technical delivery systems of Twitter’s providers (except as expressly permitted by the Twitter Bug Bounty program).
  • Probe, scan, or test the vulnerability of any system or network, or breach or circumvent any security or authentication measures (except as expressly permitted by the Twitter Bug Bounty program).
  • Interfere with or disrupt the access of any user, host or network, including, without limitation, sending a virus, overloading, flooding, spamming, mail-bombing Twitter’s services, or by scripting the creation of content in such a manner as to interfere with or create an undue burden on Twitter

Source: Gizmodo
