this post was submitted on 20 Dec 2024
6 points (87.5% liked)

Hacker News

309 readers
225 users here now

RSS Feed of HackerNews

founded 3 months ago
MODERATORS
[email protected]
[email protected]
6
Exploiting McDonald's APIs to hijack deliveries and order food for a penny (eaton-works.com)
submitted 2 days ago by [email protected] to c/[email protected]
6 comments fedilink hide all child comments
 

Comments

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 2 days ago (1 children)

Let me guess, you signed an NDA, and won't tell anyone which brands had badly configured access control in their web apps?

Each red flag is okay, but all together is rather strange. It's kinda classic to say that pajeets write shitty code.

[–] Manifish_Destiny 1 points 11 hours ago (1 children)

Of course I'm not telling you my fucking clients. My career path requires a modicum of professionalism

[–] [email protected] 0 points 7 hours ago

Good, because it's not of interest.

Even better for your career is being an actual researcher with a good grasp on heap grooming, MAC circumvention instead of spreading FUD over something that can easily be detected with burp.