Originally Posted by
Noele
Good work on the tool, although this is nothing new - a lot of services use these "incremental" urls that can easily be predicted and fuzzed.
The massive takeaway from this is that you should NEVER be screenshotting any relevant usernames, passwords, or otherwise impactful information ESPECIALLY if you're going to upload it to the internet.
ShareX is even moreso guilty of this, because I'm pretty sure by default, imgur is used, which has no privacy on images you upload for default users. There are configuration options around this, but you shouldn't be screenshotting mission critical information anyway.