|
|
|
|
|
|
by thomastay
1362 days ago
|
|
|
Wow that's amazing! The best part is that you managed to get their entire database, that must have taken a lot of work. How did that burner account thing work? My favorite experience with "hacking" in school involves wifi. My school had free wifi, but you had to log in with your student password. Well, the login step involved a GET request in which the password was sent in plain text as a URL parameter... so if you had your friend's laptop, it was a simple matter of looking at his browser history to see his password! Never did anything with it, but always wondered what someone seriously motivated could have done with it |
|
|
He ended up getting his account reset a lot of times, but it was funny having him answer the entire dataset of questions in literally about 1m30s...
School security always seems to be a funny weak point, it seems common that a school's budget never seems to reach the IT department... and yet everybody is shocked when a vuln is discovered like that :p