Replacing WeTTY

Two years ago, I discovered a vulnerability in Glitch’s web terminal that allowed an attacker to steal a user’s authentication tokens when the user visits a specially crafted URL. This issue is now fixed.

I earlier posted about discovering a way to get root access on Glitch, mentioning that I had been researching something that an attacker with root access could do. It’s been almost two years since then, and here it is at last.