Date: Tue, 21 Nov 2023 21:03:55 +0700
From: Ammar Faizi
To: Louvian Lyndal
Cc: Alviro Iskandar Setiawan, GNU/Weeb Mailing List, GNU/Weeb Facebook Team, Michael William Jonathan
Subject: Re: gwcfd v2?

On Tue, Nov 21, 2023 at 08:44:51PM +0700, Louvian Lyndal wrote:
> On Tue, Nov 21, 2023 at 11:24 AM Alviro Iskandar Setiawan wrote:
> > On Tue, Nov 21, 2023 at 11:07 AM Louvian Lyndal wrote:
> > > On Tue, Nov 21, 2023 at 10:59 AM Alviro Iskandar Setiawan wrote:
> > > > On Tue, Nov 21, 2023 at 10:52 AM Louvian Lyndal wrote:
> > > > > On Tue, Nov 21, 2023 at 10:42 AM Alviro Iskandar Setiawan wrote:
> > > > > > On Tue, Nov 21, 2023 at 10:23 AM Alviro Iskandar Setiawan wrote:
> > > > > > > On Tue, Nov 21, 2023 at 6:46 AM Louvian Lyndal wrote:
> > > > > > > > On Tue, Nov 21, 2023 at 6:37 AM Louvian Lyndal wrote:
> > > > > > > > > On Tue, Nov 21, 2023 at 5:08 AM Alviro Iskandar Setiawan wrote:
> > > > > > > > > > There's a rumor that the current CF ticketing system is vulnerable
> > > > > > > > > > ( https://ticket2u.id ). Will the GNU/Weeb security team assess it?
> > > > > > > > >
> > > > > > > > > I'll give you some samples so you can be sure it's real.
> > > > > > > >
> > > > > > > > Here you go:
> > > > > > > > http://mbol2yli7np6mzfgwimfnhajat6sdnq5frs2w7w3b7ldppdawexaxyid.onion/comifuro2023/
> > > > > > > >
> > > > > > > > It contains many events, not only CF. Your job is to create an OCR
> > > > > > > > program to classify those tickets (group by event) and extract user
> > > > > > > > identities.
> > > > > > >
> > > > > > > Ack, that's real.
> > > > > >
> > > > > > BTW, it's tiring to filter those out as I have not been able to
> > > > > > identify them programmatically. So far I couldn't find any CF tickets,
> > > > >
> > > > > Neither have I.
> > > > >
> > > > > > could you please send a valid CF sample? Not expired tickets.
> > > > >
> > > > > I found one:
> > > > > https://mbol2yli7np6mzfgwimfnhajat6sdnq5frs2w7w3b7ldppdawexaxyid.onion/comifuro2023/85b4bcb4-5455-4c91-9d55-76bcd648d165.pdf
> > > >
> > > > your claim is real
> > > >
> > > > tq tq, will give more effort on creating a program that helps this research
> > >
> > > Note that you cannot report this to Comifuro admins until you manage
> > > to create a filter to collect only CF tickets. After that, you must be
> > > able to extract user private information from the ticket to make the
> > > severity higher. Once everything is settled, I will give you all of
> > > the dumps I collected (I'm still collecting newly generated tickets
> > > now).
> >
> > gud deal, oracle hacker
>
> We're late, the vulnerable endpoint has officially retired, closing
> its doors to negotiations. We're at a standstill unless a new
> vulnerability decides to grace us with its presence.

Uh oh, that was fast. I love how the ticket2u team reacted quickly.
Deploying a fix immediately, like ticket2u did, is a good job. Kudos to
the ticket2u team.

Did you know? It was not the case with Kiostix, who took a holiday as an
excuse. Their fix was also horrible and unprofessional.

Extra Kiostix nonsense story bonus: when Michael W. and I met them
face-to-face at the venue, they said they could detect fraud using their
feelings (they used such a nonsense sentence as an excuse not to revoke
the already leaked tickets).

-- 
Ammar Faizi