Really incredible. This is what I imagined hacking stopped being like in 1995. I applaud Bob for having the inner fortitude to not just exploit them for infinite nuggies. The fact someone got fired for it probably contributes to why the security is so bad, corporations truly don’t deserve white hat hackers.
How I Hacked McDonald's (Their Security Contact Was Harder to Find Than Their Secret Sauce Recipe) | bobdahacker
Submitted 2 days ago by cm0002@piefed.world to cybersecurity@infosec.pub
https://bobdahacker.com/blog/mcdonalds-security-vulnerabilities
Comments
mfed1122@discuss.tchncs.de 2 days ago
cm0002@piefed.world 2 days ago
I applaud Bob for having the inner fortitude to not just exploit them for infinite nuggies
My literal first thought was "got dammit, why didn't I try that" (I had assumed McD would have rolled out an app with proper server-side validation and never bothered)
I do not have the inner fortitude to not exploit a giant corpo for free nuggies LMAO
redsand@lemmy.dbzer0.com 2 days ago
I’m downloading the android SDK again. Can’t say for sure what I’m going to do with it but I can say for sure you woln’t be reading about client side validated food from me.
redsand@lemmy.dbzer0.com 2 days ago
I can’t even summarize this. I’m only half through reading and there are plain text passwords sent via emails and unauthenticated admin panels. This is crazy for a company of this size.
frongt@lemmy.zip 2 days ago
This is all too common for a company of this size. Bigger doesn’t mean better.