Being a responsible, friendly hacker means you don’t get to take advantage of the bugs and holes you find, even if those could’ve let you get free pizza.
Paul Price, a security consultant from the UK, found a bug in the British version of the Domino’s Pizza app that let him do exactly that. Price found that the app’s API wasn’t processing payments correctly, allowing users with enough technical know-how to meddle with it and trick the app into accepting invalid payments, essentially allowing them to order pizza for free.
“Errr, what? It looks like my order was placed without a valid payment,” Price wrote in a blog post recounting the time he ordered pizza without paying for it. “Surely this is an oversight/edge case and Dominos’s will have back office checks in place before physically starting to prepare my order…right?”
Wrong. Price wasn’t sure it actually worked, so he called the store to double check, and surely enough, they told him his pizza was being prepared, according to his blog post. For the full article click here
from hacker samurai http://ift.tt/1XeZEBM
via IFTTT
No comments:
Post a Comment