From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ammarfaizi2@gnuweeb.org>
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on gnuweeb.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.2 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,URIBL_BLOCKED autolearn=ham
	autolearn_force=no version=3.4.6
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gnuweeb.org;
	s=default; t=1682119294;
	bh=yz82KYShoOPKYDSxcoK8yXOlNAAAlRzFVQrA9kquqwY=;
	h=References:In-Reply-To:From:Date:Subject:To:Cc;
	b=Uzv4wvd+2HxojMv7+e0JhnneTpLLvwdzytAlaNhoBw32ifiA0S+ceezivlcN9qGaF
	 5LZ2i5q0nhYF9an9IBjKZHcCzTh7ISYCdTyUyP6QhoBvekj+50Fz3AaBwDh6uwxBGm
	 FW5oaTnSxvgzS71YR9dCw3VtI3EPvB/VbsdJVsr84cKnl/x6Fs+CAtKuUGwzSlVqjE
	 4QeuN6MC4GLbLdeB/hzayKdXXbhG/4JfE2798Pl36mX6JFwcndqwfNXiGLrmy0YhFP
	 3J5hNBpEA5+Lrg6rVfyOMEyLQ//6AeqlYNbPKMd2rIJzrip7Tn+aRJEkqkxhaAaZ/Y
	 8OHNSaInQzstQ==
Received: from mail-yb1-f173.google.com (mail-yb1-f173.google.com [209.85.219.173])
	by gnuweeb.org (Postfix) with ESMTPSA id C411524579E
	for <gwml@vger.gnuweeb.org>; Sat, 22 Apr 2023 06:21:34 +0700 (WIB)
Received: by mail-yb1-f173.google.com with SMTP id 3f1490d57ef6-b8f48cd693eso532204276.0
        for <gwml@vger.gnuweeb.org>; Fri, 21 Apr 2023 16:21:34 -0700 (PDT)
X-Gm-Message-State: AAQBX9eg/03jnuiVfmXxWOdDGqJfiSlaD8F70IlPiBmBcTjw8TZMR9tX
	W4leBQ2T3//Wo49nHOmt3kEGROsUkf6FD2NGsmU=
X-Google-Smtp-Source: AKy350bmMQ5DRwT/lnyLuxihbQWGzCFnCAYuo+YkpgYydnZzeCUrDZwsvlHZE9LwjIjpHVSiGmaNSS7gY/SDDGD5JbM=
X-Received: by 2002:a25:a227:0:b0:b8f:5ff8:a302 with SMTP id
 b36-20020a25a227000000b00b8f5ff8a302mr5140734ybi.5.1682119293392; Fri, 21 Apr
 2023 16:21:33 -0700 (PDT)
MIME-Version: 1.0
References: <CAOG64qN7ZPE+twkvxWM8uq4NDsWzbUsXGYvrPxhf55YWG2G3Ww@mail.gmail.com>
 <CAFBCWQL2i53P7QwHRXFu8WFbFbC7G8rLi-nNqqzRdeaXTC7F-g@mail.gmail.com>
In-Reply-To: <CAFBCWQL2i53P7QwHRXFu8WFbFbC7G8rLi-nNqqzRdeaXTC7F-g@mail.gmail.com>
From: Ammar Faizi <ammarfaizi2@gnuweeb.org>
Date: Sat, 22 Apr 2023 06:21:17 +0700
X-Gmail-Original-Message-ID: <CAFBCWQLN3ZTDciA+K4APQcR9XjJm8v_wec8BNiEe5swa3gRv-A@mail.gmail.com>
Message-ID: <CAFBCWQLN3ZTDciA+K4APQcR9XjJm8v_wec8BNiEe5swa3gRv-A@mail.gmail.com>
Subject: Re: CF ticketing system is still vulnerable
To: Alviro Iskandar Setiawan <alviro.iskandar@gnuweeb.org>
Cc: Michael William Jonathan <moe@chocola.dev>, "GNU/Weeb Mailing List" <gwml@vger.gnuweeb.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
List-Id: <gwml.vger.gnuweeb.org>

On Fri, Apr 21, 2023 at 7:45=E2=80=AFAM Ammar Faizi wrote:
> On Fri, Apr 21, 2023 at 7:42=E2=80=AFAM Alviro Iskandar Setiawan wrote:
> > POC and sample attached.
> >
> > gcc -Wall -Wextra -O2 -ggdb3 gwcfd2.c -o gwcfd2 -lcurl -ljson-c -lpthre=
ad;
> > ./gwcfd2;
>
> I'll address this ASAP.

I sent your POC and sample to the KiosTix people yesterday. At first,
they didn't acknowledge the leak because they thought you leaked the
old tickets.

Looking at their response, they will need a few days to mull things
over before they fix the vuln. Plus, they will probably have
difficulty grasping what your crazy multithreaded POC is actually
doing. So let's give them more time; they're web developers, not
super-savants.

--=20
Ammar Faizi