• Home
  • About Us
  • Authors
  • Submit News
  • Contact Us
  • Privacy Policy
  • Sitemap
The Hack Post
  • Hacking News
    • Cyber Crime
  • Cyber Security
  • Technology
    • Internet
  • Entertainment
    • Gaming
  • Business
  • Science / Health
No Result
View All Result
The Hack Post
No Result
View All Result

Hackers Can Hijack Anyone’s Twitter Tweets (Legally)

Ahmed Khan by Ahmed Khan
February 8, 2017
Hackers Can Hijack Anyones Twitter Tweets (Legally)
Share on FacebookShare on Twitter

Hackers can hijack tweets using a python script, created by misterch0c that runs through any twitter account to allow anyone to hijack any twitter accounts or users tweet.

When the script is run in python, it goes through the Twitter accounts tweets and locates any links shared by the Twitter user. The script then checks whether or not the links found in the tweets have expired, and are no longer registered, or not. Once it pinpoints the websites that actually aren’t registered, the attacker can register the domain for themselves and redirect it to any website they like.

Attackers can misdirect users into going to a malicious website infected with a virus, or a phishing page. Therefore the level of threat the script provides is great.

#!/usr/bin/env python2
# -*- coding: utf-8 -*-
# Copyright (c) 2017 @misterch0c
# This program is free software: you can redistribute it and/or modify
# it under the terms of the HTL Hodge Twins License as published by
# the Free Gains Foundation, version 1 and only of the License.
#
# This program is distributed in the hope that you do whatever the F*CK,
# you wanna do with it.
import tweepy
import time
import threading
import sys
import re
import pythonwhois
from secrets import consumer_key, consumer_secret, access_token, access_token_secret
class myThread (threading.Thread):
def __init__(self,accounts):
threading.Thread.__init__(self)
self.accounts=accounts
def run(self):
print "Starting " + self.name
findem(self.accounts)
def get_all_tweets(screen_name):
alltweets = []
new_tweets = api.user_timeline(screen_name = screen_name,count=200)
alltweets.extend(new_tweets)
oldest = alltweets[-1]['id'] - 1
while len(new_tweets) > 0:
new_tweets = api.user_timeline(screen_name = screen_name,count=200,max_id=oldest)
alltweets.extend(new_tweets)
oldest = alltweets[-1]['id'] - 1
print "...%s tweets downloaded so far for %s" % ((len(alltweets)),"@"+screen_name)
return alltweets
def is_not_registred(url):
try:
who=pythonwhois.get_whois(url)
return 'NOT FOUND' in str(who)
except Exception:
print('oops')
return False
def get_accounts():
acc=[]
with open('accounts_leftover') as f:
for l in f.readlines():
twit_name=l.split(',')[0]
acc.append(twit_name)
return acc
def findem(accounts):
urls=[]
print('++ new thread ++')
lock.acquire()
if len(accounts) == 0:
print("++ OVER ++")
lock.release()
return
acc = accounts.pop(0)
lock.release()
tweets=get_all_tweets(acc)
for tweet in tweets:
if 'RT' not in tweet['text']:
nn=tweet['entities']['urls']
for ur in nn:
expanded_url=ur["expanded_url"]
expanded_url = expanded_url.replace("http://","").replace("https://","").replace("www.", "").split("/")[0].split(".")
expanded_url = expanded_url[len(expanded_url)-2:len(expanded_url)]
expanded_url = '.'.join(x for x in expanded_url)
if expanded_url.lower() not in excluded:
print("["+acc+"]"+" -- "+ expanded_url)
if is_not_registred(expanded_url):
print("PWND " + acc +" -- "+expanded_url)
urls.append(expanded_url)
thread1=myThread(accounts)
thread1.daemon=True
thread1.start()
f = open('twit_results', 'a')
f.write(str(urls) + acc +'\n')
f.close()
print("+++ " +str(len(urls))+ " available domain found +++")
print(urls)
auth = tweepy.OAuthHandler(consumer_key, consumer_secret)
auth.set_access_token(access_token, access_token_secret)
api = tweepy.API(auth,parser=tweepy.parsers.JSONParser())
#Let's assume those are registred.
excluded=['twitter.com','facebook.com','fb.me','apple.com','apple.co','snapchat.com','billboard.com','youtube.com','youtu.be','spotify.com','github.com','yahoo.com','fbi.gov','goo.gl','instagram.com','buzzfeed.com','amazon.com','vine.co','twimg.com','persiscope.tv','microsoft.com','fb.on','bit.ly','nike.com']
accounts=get_accounts()
lock = threading.Lock()
for x in range(20):
print(x)
thread1=myThread(accounts)
thread1.daemon=True
thread1.start()
while True:
time.sleep(1)

This method was recently used by a Belgium security researcher named Inti De Ceukelaire to hijack an old Donald Trump tweet, tweeted back in 2012, redirecting people to a youtube video, rather than the National Achievers Congress website that was originally posted.

The hijacked tweet can still be seen on Donald Trump’s official twitter page.

I'll be speaking tomorrow at the San Jose Convention Center (CA) for the first- ever National Achievers Congress http://t.co/m4JN2oIw

— Donald J. Trump (@realDonaldTrump) April 11, 2012

Trump has addressed the tweet and stated that the website of the National Achievers Congress, nac2012.com, was not renewed by the original owner. This allowed Into to buy and register the domain name for himself and redirect it to this youtube video:

Luckily for Donald Trump, Inti De Ceukelaire did not have any malicious or political reasons to successfully attempt the hijack. However, someone who might could use the same method. The hijackers can’t and won’t be arrested either, because it would be completely legal. According to The¯Undersc0re’s blog post on Medium.com, there are more high profiled celebrities who are at risk of having their tweets hijacked, some of them that were tested by The¯Undersc0re are:

Katty Perry, @katyperry , 95.6M
Shakira, @shakira, 42.7M
Jennifer Lopez, @JLo, 39.3M
Aamir Khan, @aamir_khan, 19.8 M
Agnez Mo, @agnezmo, 16.2M
Triple X Movie???, @deepikapadukone, 17.3M
Maroon 5, @maroon5, 13.7M
shaquille o’neal, @SHAQ, 13.2M
Thalia, @thalia, 8.77M
Pegg News, @simongpegg, 6.63M

Twitter has not yet addressed the issue yet. Whether or not they will change Twitters API just to avoid this from happening in the future, regardless, it would be a costly job.

It is also a good reminder to keep our outdated and unused domain names in check and constantly registered so hackers do not use it to their own advantage.

Tags: Hijack Tweets
Ahmed Khan

Ahmed Khan

A security analyst and technical writer at The Hack Post. I’m passionate about spreading knowledge and enhancing my own in the fields of cyber security. I am studying Computer Forensics & Security at the Leeds Beckett University. Creating content is a hobby of mine and hopefully will make it more than just that with the experience and time I’ve spent here at The Hack Post.

Next Post
82 Kazakhstan Websites Hacked by AnonymousFox

82 Kazakhstan Websites Hacked by AnonymousFox

Latest Articles

The Premier Choice for Cesspool Service near Ronkonkoma, NY
Business

The Premier Choice for Cesspool Service near Ronkonkoma, NY

May 26, 2023
A-1 Sewer & Drain
Business

A-1 Sewer and Drain

May 26, 2023
What is Content at Scale and How Does it Help Boost Your Content?
news

What is Content at Scale and How Does it Help Boost Your Content?

May 26, 2023
The Evolution of Payment Systems in the Cryptocurrency Landscape
Business

The Evolution of Payment Systems in the Cryptocurrency Landscape

May 25, 2023
Reasons Small Business Loans get rejected
news

Reasons Small Business Loans get Rejected

May 16, 2023
A Complete Guide on Mobile App Wrapping
Technology

A Complete Guide on Mobile App Wrapping

May 16, 2023
Best Roofing Company in Indianapolis
news

Best Roofing Company in Indianapolis

May 16, 2023
Sealants for Industrial Processes Introducing CJM Centritec Non Contact Seals and CinchSeal Rotary Shaft Seals
news

Sealants for Industrial Processes: Introducing CJM Centritec Non Contact Seals and CinchSeal Rotary Shaft Seals

May 15, 2023
Building Custom Generative AI Models with TensorFlow
Technology

Building Custom Generative AI Models with TensorFlow

May 13, 2023
Secure Your Gaming Experience Top Tips for Safer Online Play
Entertainment

Secure Your Gaming Experience: Top Tips for Safer Online Play

May 11, 2023
windows in europe Everything You Need to Know
news

Windows in Europe: Everything You Need to Know

May 4, 2023
4 Advantages You Can Get Using WordPress Alternatives
Technology

4 Advantages You Can Get Using WordPress Alternatives

April 29, 2023
  • Home
  • About Us
  • Authors
  • Submit News
  • Contact Us
  • Privacy Policy
  • Sitemap

The Hack Post © 2019

No Result
View All Result
  • Hacking News
    • Cyber Crime
  • Cyber Security
  • Technology
    • Internet
  • Entertainment
    • Gaming
  • Business
  • Science / Health

The Hack Post © 2019