0-click deanonymization attack using CloudFlare with just a friend request? (1 Viewer)

demonnic

Straight
Supporter
Joined
Jun 30, 2024
Messages
832
Reaction score
1,231
Location
Jasper, Georgia
Well, this was a fun read. https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117

The tl;dr is CloudFlare has a vulnerability that allows you to find out generally where someone is just by sending them something as innocuous as a Discord friend request, and it's not just Discord. It affects any service which can be forced to cache a known URL such as your discord avatar.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account and join our community. It's easy!

Log in

Already have an account? Log in here.

Back
Top Bottom