Responsible Disclosure: Content Injection flaw in Gett's Website

by @edent | , , , | Read ~163 times.

A basic form asking for users' credit card details.

Bit of a boring write-up, but here we go. Taxi app Gett had a content injection flaw in its search function. By searching for an HTML string, it was possible for an attacker to add links or images to a page. It was really hard to contact them - but the threat of media attention…

How to track down the original owners of stolen Twitter accounts

by @edent | , , | 2 comments | Read ~235 times.

The Twitter logo drawn in circles.

Recently, one of the accounts I follow on Twitter was hijacked. It was turned into a PS5 giveaway scam. The people who hijacked the account changed the name, avatar, and deleted all the previous Tweets. Here's how I found who the original owner was, and managed to contact them. A Twitter account has a screen…

Minimum Viable Tweet to Semantic SVG

by @edent | , , , | 3 comments | Read ~229 times.

The Twitter logo.

One of the problems with OEmbeds of Tweets is that they're heavy. Lots of JavaScript, tracking cookies, and other detritus. See this excellent post by Matt Hobbs looking at how to make your website faster by removing Twitter embeds and replacing them with images. Here's my attempt to turn a Tweet into a semantic SVG!…

A floppy-disk Walkman - using a Raspberry Pi

by @edent | , , , | 30 comments | Read ~19,054 times.

I have built the most inconvenient way of playing music! It is lo-fi awfulness and cyberpunk grungy. Thanks! I hate it! Ingredients Raspberry Pi USB floppy drive Audio Cable / Headphones USB Battery WHY?!?! As I discussed yesterday, it's possible to fit half an hour of speech on a single floppy disk. The best band…

Buying a single character domain - and 3 character FQDN - for £15

by @edent | , , , | 15 comments | Read ~19,804 times.

Glowing computer text showing dot com dot info etc.

Short domains are useful for security testing. If you only have a limited number of characters, you need to be able to reference code on a remote server in as few characters as possible. A few years ago, I tried to find a Minimum Viable XSS. The conclusion that I (and others) came to is…

Add review to Goodreads from Schema markup

by @edent | , , , , ,

The Goodreads Logo.

I write book reviews on my blog. I also want to syndicate them to Goodreads. Sadly, Goodreads doesn't natively read the Schema.org markup I so carefully craft. So here's the scrap of code I use to syndicate my reviews. Goodreads API Keys Get your Keys from https://www.goodreads.com/api/keys You will also need to get OAuth tokens…

How to present at a hack day

by @edent | , , , , | Read ~320 times.

I go to lots of hack days and hackathons. Some are big corporate affairs, some are boutique community events. They all have one thing in common - Geeks suck at giving demos. You have 3 minutes to convince the judges - or your peers - that you've built something brilliant. How do you do that?…

How to rescue blocked files from Gmail

by @edent | , , , | Read ~564 times.

Show Original option in Gmail.

Six years ago, I developed Android apps (APKs) which I emailed to myself. When I try to download them from Gmail today, I get this rather annoying error. Anti-virus warning – 1 attachment contains a virus or blocked file. Downloading this attachment is disabled. Google, in its efforts to protect me from myself, have retroactively…

€100 Bug Bounty from Intigriti - please stop tracking your confirmation emails!

by @edent | , , , , | 1 comment | Read ~525 times.

Weird confrimation address.

There's a new bug bounty provider in town! The Belgian company Intigriti. This is a quick write-up of how I found a trivial bug in their own system. The EU has announced that it is providing funding for bug bounties on critical open source projects. They've split the programme between HackerOne and Intigriti. I signed…

Major sites running unauthenticated JavaScript on their payment pages

by @edent | , , , , , | 11 comments | Read ~30,527 times.

HTML code from Spotify.

A few months ago, British Airways' customers had their credit card details stolen. How was this possible? The best guess goes something like this: BA had 3rd party JS on its payment page <script src="https://example.com/whatever.js"></script> The 3rd party's site was hacked, and the JS was changed. BA's customers ran the script, which then harvested their…