Discussion
Loading...

Post

  • About
  • Code of conduct
  • Privacy
  • Users
  • Instances
  • About Bonfire
BobDaHacker 🏳️‍⚧️ | NB
@bobdahacker@infosec.exchange  ·  activity timestamp 2 months ago

🍔 Found huge security flaws in McDonald's - crew members could access sites reserved for corporate employees with internal functions, API keys exposed, and more. Had to call their HQ and pretend to know people just to report it 🤦

Technical details:

  • Design Hub: Used to be client sided password, Registration endpoint exists and works even tho they dont want signups
  • TRT portal: Crew accounts could enumerate/impersonate all employees from general manager to CEO
  • GRS panel: Complete authentication bypass, arbitrary HTML injection
  • Magicbell API keys/secrets exposed in client-side JS
  • Algolia indexes listable with user PII
  • CosMc's: Server-side validation missing for coupon redemption

They fixed it but fired my friend who helped find the OAuth vulnerabilities.

Full Technical Writeup: https://bobdahacker.com/blog/mcdonalds-security-vulnerabilities

#infosec #bugbountry #responsibledisclosure #security #cybersecurity #hacking #vulnerability

  • Copy link
  • Flag this post
  • Block
Log in

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances
Bonfire social · 1.0.0-rc.3.1 no JS en
Automatic federation enabled
  • Explore
  • About
  • Members
  • Code of Conduct
Home
Login