Hacker News new | ask | show | jobs
I hacked Uber's website yesterday (thisshouldbefixed.com)
19 points by uberhacked 4019 days ago
2 comments
Xylemon 4019 days ago
The "Slip and Slide" bit give me a good laugh. Interesting article, makes me curious about what exploits I have on my own site.
link
uberhacked 4019 days ago
Thank you for sharing your thoughts! I'm glad you enjoyed the article. Kickstarter.com is my next target.
link
droope 4019 days ago
Recommendation: stop being an idiot. With your skills you should be able to land a job in security, and you'll actually make money instead of going to jail like a dumbass.
link
nsx147 4019 days ago
Some Uber intern probably made that form and didn't know what sanitizing inputs was about. Good find - but easy fix. You usually can't get away with XSS attacks anymore
link
uberhacked 4019 days ago
Uber told me they used WordPress to build their petition sites. Maybe other WordPress sites are vulnerable?
link
noeltock 4019 days ago
WordPress has plenty of functions to sanitize, the one who made the theme or dropped in the form probably overlooked it.
link