Teen got arrested for Altering Ticket Prices using Chrome Dev Tools, Ticketing System doesn’t have input validation - JLFB - Cyber Security, Hacking News, Exploits, Vulnerabilities, Tech and Tutorials


Wednesday, July 26, 2017

Teen got arrested for Altering Ticket Prices using Chrome Dev Tools, Ticketing System doesn’t have input validation


The teenager found that he could change ticket prices simply by editing them in the page source with the browser’s developer tools. He then bought a $35 ticket for $0.20. The purchase went through because BKK’s software had no validation on either the client or the server side, so exploiting the error did not even require any serious hacking.
After he found the flaw, he contacted BKK to let them know about it. Nevertheless, rather than thanking him and fixing the poor coding, they called the police and filed a complaint that he had “hacked” their software. The police went to the man’s home and arrested him in the middle of the night, even though he never used or even accepted the ticket and didn’t live near Budapest.
As if they had achieved something great, BKK held a press conference bragging about how they had stopped a “cyber attack” and found the hacker. When news got out that the hacker was a white hat and had attempted to inform the organization about the flaw, the outrage on Twitter was furious. People vilified, cursed, and sarcastically praised @bkkbudapest. There is also talk of rallies being organized.
Additionally, the organization now has a one-star rating on its Facebook page, thanks to thousands of people flocking to it to leave one-star reviews. Currently, the page has 46,000 one-star ratings. Considering the total number of reviews (only 222 five-star ratings), this is a deficit that BKK will never recover from without creating a new page.
“Learn to verify server side, you noobs,” said one review. “What were you guys thinking?”
During its press conference, BKK declared that it had “secured” its operations. Of course, angry white hats immediately examined the site and started pointing out other flaws. One Twitter user even called the website’s security “a goddamn train wreck.” The BKK site is currently down.
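
The missing server-side check described above, shown as an added example (not BKK's code and not part of the original article): a handler that charges the price the browser submitted, next to one that looks the price up on the server. The catalogue, the field names and the `ticket-35` id are assumptions made for illustration.

```javascript
// Added example. Catalogue, field names and ticket id are hypothetical.
// Prices are integer cents so totals never depend on float rounding.
const CATALOG = new Map([
  ["ticket-35", { priceCents: 3500 }], // the $35 ticket from the article
]);
const MAX_QUANTITY = 10; // assumed business limit

// Flawed: charges whatever price the browser sent back.
function quoteTrustingClient(order) {
  return { ok: true, chargeCents: order.priceCents * order.quantity };
}

// Hardened: the client names the ticket; the server decides the price.
function quoteServerSide(order) {
  if (order === null || typeof order !== "object") {
    return { ok: false, error: "malformed order" };
  }
  const ticket =
    typeof order.ticketId === "string" ? CATALOG.get(order.ticketId) : undefined;
  if (!ticket) return { ok: false, error: "unknown ticket" };
  const qty = order.quantity;
  if (!Number.isInteger(qty) || qty < 1 || qty > MAX_QUANTITY) {
    return { ok: false, error: "invalid quantity" };
  }
  // A client-supplied price is never used for charging. A mismatch is only
  // reported so it can be logged as tampering or a stale page.
  const priceMismatch =
    order.priceCents !== undefined && order.priceCents !== ticket.priceCents;
  return { ok: true, chargeCents: ticket.priceCents * qty, priceMismatch };
}

// Constructed request body: the price field edited in dev tools to $0.20.
const editedOrder = { ticketId: "ticket-35", quantity: 1, priceCents: 20 };
console.log("trusting client:", quoteTrustingClient(editedOrder));
console.log("server-side:    ", quoteServerSide(editedOrder));
console.log("bad quantity:   ", quoteServerSide({ ticketId: "ticket-35", quantity: -3 }));
```
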
