German users exploit a Twitter bug to post 30,000-character tweet
Pierluigi Paganini
November 07, 2017
Over the weekend, two German Twitter users successfully bypassed the existing character limit by exploiting a Twitter bug and sending a 30,396-character tweet.
Two German Twitter users, Timrasett and HackneyYT, were able to bypass the 280-character limit by posting a 30,000-character Tweet.
Unfortunately, the side effect was that the long tweet caused problems, with some users complaining of crashes.
The social media giant banned the accounts of the two users for a brief period of time but are now back online after they apologized. Twitter removed the original oversize-Tweet composed of 30,396 that can be viewed here.
According to the The Daily Dot, the German duo exploited a rule Twitter made in 2016 that links would no longer count in the 140-character limit.
“So how did they do it? By exploiting a rule Twitter made in 2016 that links would no longer count in the 140-character limit. Yes, this is just one big web address with a URL code hidden deep in the large block of text. You can find it by opening up the tweet and searching for “.cc/” reports The Daily Dot.
The experts broke the limitation by formatting a message as a URL with extensive gibberish. Twitter promptly removed it the message and suspended the accounts of the users.
The accounts of the two users are back online after apologizing for crashing the site.
Both users will continue to look for other bugs on the social platform.
Below the comment of a Twitter spokesperson who confirmed that the flaw exploited by the German duo has been fixed and pointed to its rules, specifically:
To promote a stable and secure environment on Twitter, you may not do, or attempt to do, any of the following while accessing or using Twitter:
- Access, tamper with, or use non-public areas of Twitter, Twitter’s computer systems, or the technical delivery systems of Twitter’s providers (except as expressly permitted by the Twitter Bug Bounty program).
- Probe, scan, or test the vulnerability of any system or network, or breach or circumvent any security or authentication measures (except as expressly permitted by the Twitter Bug Bounty program).
- Interfere with or disrupt the access of any user, host or network, including, without limitation, sending a virus, overloading, flooding, spamming, mail-bombing Twitter’s services, or by scripting the creation of content in such a manner as to interfere with or create an undue burden on Twitter
| [adrotate banner=”9″] |
[adrotate banner=”12″] |
Pierluigi Paganini
(Security Affairs – Twitter bug, hacking)
[adrotate banner=”5″]
[adrotate banner=”13″]
