From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on gnuweeb.org X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gnuweeb.org; s=default; t=1682122738; bh=vNTIQopW5A4G8nNR6aunnzNjf+oWrAb4+SVcmogW9EY=; h=Date:From:To:Cc:Subject:References:In-Reply-To; b=YUaMHfBjid2QZFpEuFmQKDReFunAWIWhKW4QvClEWee2zhLRHgVVFHFPRx9az8PCX LuioGMO4D10+zd/VhG3PuT/LBTLNcYwsQ3uMXQ2s+Nj4sktLRWySFyvlmIEdUm0tZ9 weK64d5McB4aQ7gVd6BKyf2wtBzr9OYnIYKlN8rJPhjsEGrvcMRI16tFS6vuYnKFFz nKv6LMtSmn40LsygT6fJFSwazv2b7dbZqp8Eb388tfemDuDmFfL9hIFBRIR85dsDWA FWk3RZWBQKNfItcHHMHfeYQTGdzEnVGfxSXEN8q+di3/EkmireFNYKenGhyDtDIilp Y0gncogAYthMQ== Received: from biznet-home.integral.gnuweeb.org (unknown [182.4.102.89]) by gnuweeb.org (Postfix) with ESMTPSA id CEB8C245743; Sat, 22 Apr 2023 07:18:56 +0700 (WIB) Date: Sat, 22 Apr 2023 07:18:53 +0700 From: Ammar Faizi To: Alviro Iskandar Setiawan Cc: Michael William Jonathan , GNU/Weeb Mailing List Subject: Re: CF ticketing system is still vulnerable Message-ID: References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Bpl: hUx9VaHkTWcLO7S8CQCslj6OzqBx2hfLChRz45nPESx5VSB/xuJQVOKOB1zSXE3yc9ntP27bV1M1 List-Id: On Sat, Apr 22, 2023 at 07:09:51AM +0700, Alviro Iskandar Setiawan wrote: > On Sat, Apr 22, 2023 at 6:51 AM Ammar Faizi wrote: > > On Sat, Apr 22, 2023 at 6:42 AM Alviro Iskandar Setiawan wrote: > > > On Sat, Apr 22, 2023 at 6:21 AM Ammar Faizi wrote: > > > > On Fri, Apr 21, 2023 at 7:45 AM Ammar Faizi wrote: > > > > > On Fri, Apr 21, 2023 at 7:42 AM Alviro Iskandar Setiawan wrote: > > > > > > POC and sample attached. > > > > > > > > > > > > gcc -Wall -Wextra -O2 -ggdb3 gwcfd2.c -o gwcfd2 -lcurl -ljson-c -lpthread; > > > > > > ./gwcfd2; > > > > > > > > > > I'll address this ASAP. > > > > > > > > I sent your POC and sample to the KiosTix people yesterday. At first, > > > > they didn't acknowledge the leak because they thought you leaked the > > > > old tickets. > > > > > > Didn't they read the dump.txt file I sent? It looks new to me... Or > > > maybe I am the one who ate their sweet honeypot this time? > > > > No, I don't think that's a honeypot. I just confirmed that my new > > tickets that already use UUIDv4 are in your dump too. So it's legit; > > they just didn't understand what you're trying to inform. > > Doubt, did you talk to a dev or a manager? I guess you were talking to > a manager who doesn't understand the technical stuff behind this. To both of them, actually. Initially, I was talking to the "head of sales & partnetship" person. Then she created a WA group where I directly talk to the dev. [12:50 PM, 4/21/2023] Priska Narinda: Halo mas amar @Ammar Faizi , ini ada perwakilan dari IT kiostix ada mas ali @Ali Reza Y ya [12:50 PM, 4/21/2023] Priska Narinda: Boleh kita komunikasi disini yaa [12:50 PM, 4/21/2023] Priska Narinda: Biar gak berenti dan lama di saya nih ... [12:52 PM, 4/21/2023] Priska Narinda: Mas @Ali Reza Y ini penemuan dari tim mas amar ya.. terkait bug kiostix… mungkin bisa di tanggapi prosesnya ya [12:52 PM, 4/21/2023] Ammar Faizi: Salam kenal mas @Ali Reza Y. Saya Ammar Faizi dari GNU/Weeb. Ada tanggapan terkait pesan di atas? [12:53 PM, 4/21/2023] Priska Narinda: Yes tunggu jawaban dr ali ya [1:00 PM, 4/21/2023] Ali Reza Y: Halo mas..boleh saya bawa diskusi dulu ke tim kita ya mas [1:02 PM, 4/21/2023] Ammar Faizi: Oke. [1:06 PM, 4/21/2023] Ali Reza Y: mungkin ada hal lainnya lagi mas biar kita juga bisa bahas internal sekalian [1:07 PM, 4/21/2023] Ammar Faizi: Belum ada. Nanti akan terus saya update ke sini kalau ada penemuan lain. -- Ammar Faizi