From: Ammar Faizi
Date: Sat, 22 Apr 2023 06:21:17 +0700
Subject: Re: CF ticketing system is still vulnerable
To: Alviro Iskandar Setiawan
Cc: Michael William Jonathan, "GNU/Weeb Mailing List"

On Fri, Apr 21, 2023 at 7:45 AM Ammar Faizi wrote:
> On Fri, Apr 21, 2023 at 7:42 AM Alviro Iskandar Setiawan wrote:
> > POC and sample attached.
> >
> > gcc -Wall -Wextra -O2 -ggdb3 gwcfd2.c -o gwcfd2 -lcurl -ljson-c -lpthread;
> > ./gwcfd2;
>
> I'll address this ASAP.

I sent your POC and sample to the KiosTix people yesterday. At first, they didn't acknowledge the leak because they thought you leaked the old tickets. Looking at their response, they will need a few days to mull things over before they fix the vuln. Plus, they will probably have difficulty grasping what your crazy multithreaded POC is actually doing. So let's give them more time; they're web developers, not super-savants.

-- 
Ammar Faizi