Photof*cket, Or Why Leaving Image Names As Default Is A Bad Idea

| | Comments (1)
Fusking. You might have heard the term before, but what is it?

From Wikipedia:

"A Fusker is a type of website or utility that extracts images from a web page, typically from free hosted galleries. Fusker software allows users to identify a sequence of images with a single pattern, for example:

example.com/images/pic[1-16].jpg

This would identify images pic1.jpg, pic2.jpg, through pic16.jpg.

When this pattern is given to a fusker website, the website would produce a page that displays all sixteen images in that range."


In other words, it's the same as visiting a website, assuming the images are numbered sequentially (1.jpg, 2.jpg, 3.jpg...) then manually changing the last part of the URL to cycle through them all. Fuskers do the same thing, but on a potentially much bigger scale.

Well, a few days ago I came across something called "Photof*cket" (this is a worksafe blog, hence the blanking out)...designed to grab images from Photobucket (you can see what they did there). It seems to have been around for quite some time, but I must admit it's the first I've seen of it.

pf.png
Click to Enlarge

pf2.png
Click to Enlarge

pf3.png
Click to Enlarge

From the Documentation:

"The core functionality of PhotoF*cket is to download content from public and private PhotoBucket albums.

Main Features

Rip Public Albums - PhotoF*cket can download all the content from a public album quickly and easily.

Rip Private Albums (with password) - If you have the password to a private account, PhotoF*cket can download all the content from the album just as quickly and easily as if it were a public album.

Fusk Private Albums (without password) - PhotoF*cket can attempt to download the content of a private album using a brute-force method called "fusking," where the software tries to download content by guessing the names of files that might be in the private album."


That last part is particularly interesting - and like I said in the title, simply leaving your pictures as "img1 / picture1 / img_1" etc before uploading them to your "Private" galleries is probably a bad idea. Fuskers will go looking for the most common naming schemes - giving your images custom titles makes it that little bit harder for people to grab them. Of course, my own thought on this is that if your image is personal enough that you have to put it in a private gallery at all, then you likely shouldn't be putting it online in the first place.

You never know who is poking around - or (more importantly) how they're doing it...

1 Comments

there are a number of programs that do this
navnet for one, i have even seen a batch script and a javascript script to do this.
don't forget curl!

Leave a comment

About this Entry

This page contains a single entry by Christopher Boyd published on January 22, 2009 9:22 PM.

A Game That's Impossible To Lose was the previous entry in this blog.

"Free Habbo Credits".... is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.