How I Hacked GroupMe – Accessing Other Groups' Messages
This is a bit of an unrelated topic to the whole MasterSelf ensemble, but I wanted to start sharing some of my technological adventures with the world.
This week I’m going to get into how to “hack” GroupMe and access messages from other groups, and how I actually discovered this vulnerability.
It all started out when I noticed something strange in my text messages. When I was part of a GroupMe group, I would get sent these short URLs when others sent emojis or other media in the chat.
Being a programmer by trade, I noticed the specific reference to my message was encoded in that 7-letter string on the end of the link.
Assuming this is a case-sensitive alphanumeric encoding, that is 7^((26*2)+10) combinations, which is quite a bit, but easy for a computer to guess.
I fired up my HTTP request fuzzer (this tool basically allows you to generate random strings as website requests in an attempt to guess a correct URL) and at first just started guessing the last 3 characters of the string (this only means 3^((26*2)+10) combinations).
Looks like the website doesn’t care if you spam it with requests...
And bingo, I started seeing other messages.
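From the service side, the guessing described above leaves a recognizable trace in access logs: one client asking for many distinct 7-character codes that share a prefix and mostly miss. The following detection sketch is an added example, not code from this post or from GroupMe; the `/m/` path, the log format, the IP addresses and the thresholds are all assumptions, and the log lines are constructed.

```python
import re
from collections import defaultdict

def _line(ip, code, status):
    # Builds one constructed access-log line; the /m/ path is hypothetical.
    return f'{ip} - - [01/Jan/2024:10:00:00 +0000] "GET /m/{code} HTTP/1.1" {status} 0'

# Constructed sample: one client sweeps the last 3 characters, one browses normally.
SAMPLE_LOG = "\n".join(
    [_line("198.51.100.7", "aB3x" + tail, status) for tail, status in
     [("K9a", "404"), ("K9b", "404"), ("K9c", "200"),
      ("K9d", "404"), ("K9e", "404"), ("K9f", "404")]]
    + [_line("203.0.113.20", code, "200") for code in ["Qw8rT2z", "mN4pL7k"]]
)

LINE_RE = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]+\] "GET /m/([A-Za-z0-9]{7}) HTTP/[\d.]+" (\d{3})')

def find_enumerators(log_text, min_codes=5, max_hit_ratio=0.5, prefix_len=4):
    """Return clients whose short-code requests look like guessing."""
    stats = defaultdict(lambda: {"codes": set(), "hits": 0, "total": 0})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, code, status = m.groups()
        stats[ip]["codes"].add(code)
        stats[ip]["total"] += 1
        stats[ip]["hits"] += status == "200"
    flagged = {}
    for ip, s in stats.items():
        if len(s["codes"]) < min_codes:
            continue  # too few distinct codes to judge
        hit_ratio = s["hits"] / s["total"]
        # A single shared prefix means only the tail of the code is varying.
        shared_prefix = len({c[:prefix_len] for c in s["codes"]}) == 1
        if hit_ratio <= max_hit_ratio or shared_prefix:
            flagged[ip] = {"distinct_codes": len(s["codes"]),
                           "hit_ratio": hit_ratio,
                           "shared_prefix": shared_prefix}
    return flagged

if __name__ == "__main__":
    for ip, info in find_enumerators(SAMPLE_LOG).items():
        print(ip, info)
```

The thresholds are illustrative; in production the same per-client counters would drive a rate limiter or an alert rather than a one-off report.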
Going forward, it would be interesting to collect all the viable URLs and attempt to find a pattern of how these are generated. I highly doubt that these 7-letter strings are generated randomly; they are probably the result of some hash function on a unique ID that is given to each message.
I have attempted to contact Microsoft about this issue but got no reply on my 2nd message asking if this is viable for the bug bounty program.
Therefore I am going to release this to warn the public about how your GroupMe messages are probably not as safe as you think…