VoidSecVoidSecVoidSecVoidSec
  • Blog
  • Advisories
    • Vulnerability Disclosure Policy
  • About
  • Contact
  • Blog
  • Advisories
    • Vulnerability Disclosure Policy
  • About
  • Contact
24Nov-13

Report: McDonald’s Wi-fi Login System

voidsec2022-01-14T09:43:28+01:00 Advisory: VoidSec-13-001 Disclosure date: November 24, 2013 CVSS Score: 3.3 Vendor: McDonald's Italia Vulnerability discovery date: May 23, 2013  

Scarica il Report [IT] | Download the Report [EN]

 

Introduzione

Il caso McDonald’s, è un classico caso di cattiva programmazione e gestione della sicurezza delle reti. Analizzando il portale di login per gli ospiti del sistema Wi-Fi abbiamo identificato un errore, relativamente banale, nel processo di generazione dell'autenticazione a doppio fattore dell'account utente. In pratica era possibile registrare account fittizi saltando il passaggio obbligatorio di verifica dell'identità a...

Posted By voidsec
Read more

Recent Posts

  • OffSec EXP-401 Advanced Windows Exploitation (AWE) – Course Review
  • Reverse Engineering Terminator aka Zemana AntiMalware/AntiLogger Driver
  • SANS SEC760: Advanced Exploit Development for Penetration Testers – Review
  • Naughty List Challenge Write-Up – X-MAS CTF
  • Windows Exploitation Challenge – Blue Frost Security 2022 (Ekoparty)

Categories

  • Blog (117)
    • Advisories (22)
    • Conference Reportage (11)
    • Cybercrime (8)
    • Drones/IOT (4)
    • Fuzzing (3)
    • News (17)
      • ECG (2)
    • Penetration Test/Red Team (14)
    • Reverse Engineering/Malware Analysis (21)
    • Shellcoding/SLAE x86 (7)
    • Tools (1)
    • Uncategorized (21)
    • Vulnerability Research/Exploit Development (18)
      • Heap-based Exploitation (2)
      • Stack-based Exploitation (4)
      • Windows Kernel (10)
      • Windows Userland (6)
    • Web/Application Security (23)
  • Blog
  • Advisories
  • Vulnerability Disclosure Policy
  • About
  • Contact Me
  • Mastodon

Follow Me

Twitter RSS Youtube Linkedin Reddit Telegram
VoidSec Copyright © Paolo Stagno 2012-2024, All Rights Reserved.
This website uses cookies in order to improve your experience. By using this website, you agree to our use of cookies and other technologies to process your data.I Agree