博客:https://www.inputzero.io/2019/09/telegram-privacy-fails-again.html
简介:电报消息应用程序关注隐私,在Playstore中有超过10,00,00,000个下载。在这种情况下,我们将滥用众所周知的删除邮件功能,该功能允许用户删除错误或真实发送给任何收件人的邮件。已经观察到,一旦消息(图像)被发送给接收者,它仍然保留在用户的内部存储器中,该用户位于“ / Telegram / Telegram Images /”路径中。 。
电报错误ACL。
2 comments
Comments are closed.
Wtf? It's a bag? You earn 2500€ from Telegram for it?!?!?? is this a bug ?! I did this many times when I needed to see deleted images and didn’t even think that this was a vulnerability, because it is a regular image cache.Dude, you fucking lucky bastard, I hate you, I don’t have enough money for food in the Russian Federation, and here you get 2500 € for some kind of garbage in the form of a bug
which program did you use on mobile. So nice.