Hacker News
by hultner 1145 days ago
I’ve seen my fair share of web-apps where the subscription check is entirely client side JS and a simple self MITM is enough to bypass payments. Not saying this is the case in this particular instance but it’s definitely something I’ve seen more than once.

I’ve brought it up as an issue with some companies but I’m usually met with a shrug and a response in the realms of “our users wouldn’t know how to do that”. I’ve even seen car charging poles with entirely client side JS to validate account/login to charge for the electricity.

I too have grown up, playing games with a hex editor in one hand and tcpdump in another so I have a habit of poking around to see how stuff’s made.
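
The client-side subscription check described in the comment above, contrasted with a server-side one, as an added example that is not part of the original comment. The handler names, session tokens and account records are constructed for illustration and assume a service where the server holds the payment state.

```javascript
// Constructed server-side state; in a real service this lives in a database.
const SESSIONS = new Map([["tok-alice", "alice"], ["tok-bob", "bob"]]);
const ACCOUNTS = new Map([
  ["alice", { paidUntil: Date.parse("2030-01-01T00:00:00Z") }],
  ["bob", { paidUntil: Date.parse("2020-01-01T00:00:00Z") }], // lapsed
]);

// Anti-pattern: the server acts on a flag computed by client-side JS.
// The flag is only as trustworthy as the device that sent it.
function startChargeTrustingClient(req) {
  if (req.body && req.body.subscribed === true) {
    return { status: 200, body: "charging started" };
  }
  return { status: 402, body: "payment required" };
}

// Hardened: identity comes from the session, entitlement from server records.
// Client-supplied claims about payment status are never read.
function startChargeServerChecked(req, now = Date.now()) {
  const userId = SESSIONS.get(req.sessionToken);
  if (userId === undefined) {
    return { status: 401, body: "not authenticated" };
  }
  const account = ACCOUNTS.get(userId);
  if (!account || account.paidUntil <= now) {
    return { status: 402, body: "payment required" };
  }
  return { status: 200, body: "charging started" };
}

// Constructed requests: bob's lapsed account arrives with subscribed=true.
const NOW = Date.parse("2025-01-01T00:00:00Z");
const tampered = { sessionToken: "tok-bob", body: { subscribed: true } };
const honest = { sessionToken: "tok-alice", body: { subscribed: false } };

function demo() {
  return {
    tamperedOld: startChargeTrustingClient(tampered).status,
    tamperedNew: startChargeServerChecked(tampered, NOW).status,
    honestNew: startChargeServerChecked(honest, NOW).status,
    anonymousNew: startChargeServerChecked({ body: { subscribed: true } }, NOW).status,
  };
}
console.log(demo());
```

The hardened handler gives the same answer whatever the request body says, which is the property to test for when reviewing a payment or entitlement path.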