It's also a bit risky, as some University administrators may not understand that he isn't actually being malicious. Automated scraping can be considered a violation of some IT policies though, so OP should be careful about something like this.
I'm in higher-ed infosys and we see a number of automated registration sniping hacks in our monitoring / metrics. We usually don't run it up the chain unless it's malicious or impacting the service for other students. Otherwise we just investigate it a little bit and share it on Slack with the group if it's clever. The only time we've ever reached out to a student is to ask him to stop sharing it with others (and fix it) because it was performing some really aggressive polling.
Some other schools in our system are really reactionary, though, and consider any automation a ToS violation and will freak out.
e: And if you know the URL pattern / platform of your Uni's registration system, there's probably already a couple of examples on github of a registration bot.
I've seen where it could also be seen as a violation of the academic honor code. Georgia Tech has some serious warnings about trying this sort of stuff.
Agreed, but it's just automation at play here. Clever, and will save time though, just thought that the headline was a little misleading, considering a registration system was involved.
Agreed, but it's just automation at play here. Clever, and will save time though, just thought that the headline was a little misleading, considering a registration system was involved.
Apologies for the mislead! When I titled this, I imagined talking a lot more about stepping through the registration system in something like mitmproxy to find the exact requests to send, which feels a lot closer to hacking/reverse engineering. I ended up not really talking about that, but neglected to change the title.
I'd be worried if it was actually about "hacking", because the result is usually very severe. Universities are still quite backwards went it comes to security unfortunately.