Results 1 to 2 of 2

Thread: Security researchers say Dropbox can be hacked

  1. #1
    Join Date
    Apr 2008
    Posts
    471

    Security researchers say Dropbox can be hacked

    Two security experts presented their work in which they have detailed the method to intercept SSL communications service. They said they had been able to proceed decompiling and deciphering source code of Dropbox.

    Dhiru Kholia and Przemyslaw Wegrzyn, two security experts reveal a note (.pdf) in which they indicate the manner in which they were able to bypass the security measures of the storage tool and file sharing in the cloud called Dropbox. And they explain that they could intercept data from the servers of the service.

    Student in the executable application, said they had decompiled source code of Dropbox to study the contours. After this, they were able to intercept SSL communications from the Dropbox servers and add a bypass of two-factor authentication that may be possible.


    "We have described a method to bypass the security on two-factor authentication of Dopbox accounts. But it is actually relatively generic techniques to intercept data via code injection methods" specify Dhiru Kholia and Przemyslaw Wegrzyn.

    In their announcement, hackers hope that the data storage service in the future will be more open to certain risks and safety practices known as reverse engineering.

  2. #2
    Join Date
    May 2008
    Posts
    388

    Re: Security researchers say Dropbox can be hacked

    They were able to decode the application executable, which actually includes a set of files written in Python, launched by an embedded interpreter. They then deciphered the code, which was defaced by obfuscation techniques source. Once this is done, they discovered how to intercept SSL communications from the Dropbox servers, how to bypass two-factor authentication used and how to develop an open source client alternative to the one provided by the company. The techniques used are described in a publication that was presented in the context of Woot'13 Usenix Conference.

Similar Threads

  1. My account was hacked by Facebook security
    By singham2011 in forum Video Games
    Replies: 8
    Last Post: 28-08-2011, 11:27 PM
  2. Replies: 5
    Last Post: 27-06-2011, 06:34 AM
  3. Researchers bypass Internet Explorer Protected Mode
    By Stranger410 in forum Software Development
    Replies: 3
    Last Post: 23-12-2010, 02:26 AM
  4. Researchers may soon make LEDs do double duty – light and wifi
    By Dilbert in forum Networking & Security
    Replies: 1
    Last Post: 08-10-2008, 04:19 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Page generated in 1,718,965,833.70122 seconds with 17 queries