Protesters took to Citi Field Wednesday to raise awareness of the facial recognition systems that have become common at major league sporting venues.

Thousands of people lined up outside Citi Field in Queens, New York, on Wednesday to watch the Mets face off with the Orioles. But outside the ticketing booth, a handful of protesters handed out flyers. They were there to protest a recent Major League Baseball program, one that’s increasingly common in professional sports: using facial recognition on fans.

Facial recognition companies and their customers argue that these systems save time, and therefore money, by shortening lines at stadium entrances. However, skeptics argue that the surveillance tools are never totally secure, make it easier for police to get information about fans, and fuel “mission creep” where surveillance technology becomes more common or even required.

The MLB’s facial recognition program, dubbed Go-Ahead Entry, lets participating fans go on a separate security line, usually shorter than the other queues. Fans download the MLB Ballpark app, submit a selfie, and have their face matched at an in-person camera kiosk at a stadium’s entrance.

Six MLB teams are participating in Go-Ahead Entry, including the Philadelphia Phillies, Cincinnati Reds, Houston Astros, Kansas City Royals, San Francisco Giants, and Washington Nationals.

Some MLB teams, including the Mets, have their own facial recognition programs for express entry. The Mets have been using the facial recognition company Wicket for its Mets Entry Express program since 2021. The Cleveland Guardians, similarly, have been using technology from the company Clear at its ballpark, Progressive Field, since 2019.

Jeff Boehm, Wicket's chief operating officer, tells WIRED in an email that the company believes in “the responsible use of biometric technology to improve the event experience,” which includes taking “data security and privacy very seriously.”

Boehm adds: “As with many new technologies, there is misinformation out there about how the technology is being used. Contrary to some of these claims, Wicket's use is always 100% opt-in (and users can opt-out at any time) and we are not scanning people's faces without their consent. The data is not shared or sold to any third parties.”

Neither the Mets nor MLB immediately responded to WIRED’s requests for comment.

The National Football League has also started using Wicket facial recognition for express entry. NFL spokesperson Brian McCarthy said in an X post that the league-wide program, at least currently, is only available to "team/game-day personnel, vendors, and media”—not fans. The Cleveland Browns and Tennessee Titans, however, do have facial recognition entry systems that fans can use. (The news of the NFL’s expanded use of face recognition still caused confusion on Facebook and X, where some people thought facial recognition would be required at the stadiums for all 32 NFL teams.)

At Citi Field on Wednesday, the Mets Entry Express Line was used scarcely, perhaps five people every five minutes or so. There was never a line. The main security lines, though longer in comparison, took only about five minutes.

A group of privacy advocates stand outside Citi Field on Wednesday to warn fans about the growing use of facial recognition systems at sports events.Photograph: Caroline Haskins

Stadiums Are Embracing Face Recognition. Privacy Advocates Say They Should Stick to Sports

A new remote access trojan called MoonPeak has been discovered as being used by a state-sponsored North Korean threat activity cluster as part of a new campaign.
Cisco Talos attributed the malicious cyber campaign to a hacking group it tracks as UAT-5394, which it said exhibits some level of tactical overlaps with a known nation-state actor codenamed Kimsuky.
MoonPeak, under active development

Cyber Espionage / Malware

A new remote access trojan called **MoonPeak** has been discovered as being used by a state-sponsored North Korean threat activity cluster as part of a new campaign.

Cisco Talos attributed the malicious cyber campaign to a hacking group it tracks as UAT-5394, which it said exhibits some level of tactical overlaps with a known nation-state actor codenamed Kimsuky.

MoonPeak, under active development by the threat actor, is a variant of the open-source Xeno RAT malware, which was previously deployed as part of phishing attacks that are designed to retrieve the payload from actor-controlled cloud services like Dropbox, Google Drive, and Microsoft OneDrive.

Some of the key features of Xeno RAT include the ability to load additional plugins, launch and terminate processes, and communicate with a command-and-control (C2) server.

Talos said the commonalities between the two intrusion sets either indicate UAT-5394 is actually Kimsuky (or its sub-group) or it's another hacking crew within the North Korean cyber apparatus that borrows its toolbox from Kimsuky.

Key to realizing the campaign is the use of new infrastructure, including C2 servers, payload-hosting sites, and test virtual machines, that have been created to spawn new iterations of MoonPeak.

"The C2 server hosts malicious artifacts for download, which is then used to access and set up new infrastructure to support this campaign," Talos researchers Asheer Malhotra, Guilherme Venere, and Vitor Ventura said in a Wednesday analysis.

"In multiple instances, we also observed the threat actor access existing servers to update their payloads and retrieve logs and information collected from MoonPeak infections."

The shift is seen as part of a broader pivot from using legitimate cloud storage providers to setting up their own servers. That said, the targets of the campaign are currently not known.

An important aspect to note here is that "the constant evolution of MoonPeak runs hand-in-hand with new infrastructure set up by the threat actors" and that each new version of the malware introduces more obfuscation techniques to thwart analysis and changes to the overall communication mechanism to prevent unauthorized connections.

"Simply put, the threat actors ensured that specific variants of MoonPeak only work with specific variants of the C2 server," the researchers pointed out.

"The timelines of the consistent adoption of new malware and its evolution such as in the case of MoonPeak highlights that UAT-5394 continues to add and enhance more tooling into their arsenal. The rapid pace of establishing new supporting infrastructure by UAT-5394 indicates that the group is aiming to rapidly proliferate this campaign and set up more drop points and C2 servers."

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

North Korean Hackers Deploy New MoonPeak Trojan in Cyber Campaign

Cisco Talos has uncovered a new remote access trojan (RAT) family we are calling “MoonPeak.” This a XenoRAT-based malware, which is under active development by a North Korean nexus cluster we are calling “UAT-5394.”

MoonPeak malware from North Korean actors unveils new details on attacker infrastructure

Jobs Finder System version 1.0 suffers from a remote SQL injection vulnerability.

**Jobs Finder System 1.0 SQL Injection**

Posted Aug 19, 2024

Authored by indoushka

Jobs Finder System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

SHA-256 | 0e14944aabacd3bde55dc9ca768a85b25224b5d197aed3ef9cecb63e14d97575

Download | Favorite | View

**Jobs Finder System 1.0 SQL Injection**

    =============================================================================================================================================| # Title     : jobs Finder System v1.0 SQL injection Vulnerability                                                                         || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 128.0.3 (64 bits)                                                            || # Vendor    : https://download-media.code-projects.org/2020/04/Jobs_Finder_IN_PHP_CSS_JavaScript_AND_MYSQL__FREE_DOWNLOAD.zip             |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] use payload : /jobs.php?id=3 <=== inject here[+] http://127.0.0.1/jobportal-master/jobs.php?id=3 [+]  Login : http://127.0.0.1/jobportal-master/login.phpGreetings to :============================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |==========================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,460)
*   Arbitrary (16,885)
*   BBS (2,859)
*   Bypass (1,867)
*   CGI (1,033)
*   Code Execution (7,823)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,398)
*   DoS (25,094)
*   Encryption (2,389)
*   Exploit (53,232)
*   File Inclusion (4,263)
*   File Upload (996)
*   Firewall (822)
*   Info Disclosure (2,891)
*   Intrusion Detection (916)
*   Java (3,144)
*   JavaScript (898)
*   Kernel (7,223)
*   Local (14,799)
*   Magazine (586)
*   Overflow (13,172)
*   Perl (1,435)
*   PHP (5,225)
*   Proof of Concept (2,394)
*   Protocol (3,727)
*   Python (1,646)
*   Remote (31,673)
*   Root (3,638)
*   Rootkit (527)
*   Ruby (632)
*   Scanner (1,657)
*   Security Tool (8,029)
*   Shell (3,277)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,278)
*   SQL Injection (16,614)
*   TCP (2,441)
*   Trojan (690)
*   UDP (904)
*   Virus (670)
*   Vulnerability (33,004)
*   Web (9,968)
*   Whitepaper (3,782)
*   x86 (967)
*   XSS (18,259)
*   Other

**File Archives**

*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,099)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,101)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,567)
*   HPUX (880)
*   iOS (378)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,815)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,569)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,756)
*   UNIX (9,438)
*   UnixWare (187)
*   Windows (6,674)
*   Other

Jobs Finder System 1.0 SQL Injection

Human Resource Management System 2024 version 1.0 suffers from an ignored default credential vulnerability.

**Human Resource Management System 2024 1.0 Insecure Settings**

Posted Aug 19, 2024

Authored by indoushka

Human Resource Management System 2024 version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | bf20205d0167adcb0c48749ed7a50372cba24a18938ecfb734926b5099542af1

Download | Favorite | View

**Human Resource Management System 2024 1.0 Insecure Settings**

    =============================================================================================================================================| # Title     : Human Resource Management System 2024 v1.0 Insecure Settings Vulnerability                                                  || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                            || # Vendor    : https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html       |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin@gmail.com & pass = admin#123[+] https://www/127.0.0.1/yorubanwitness000webhostappcom/admin/Greetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,460)
*   Arbitrary (16,885)
*   BBS (2,859)
*   Bypass (1,867)
*   CGI (1,033)
*   Code Execution (7,823)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,398)
*   DoS (25,094)
*   Encryption (2,389)
*   Exploit (53,232)
*   File Inclusion (4,263)
*   File Upload (996)
*   Firewall (822)
*   Info Disclosure (2,891)
*   Intrusion Detection (916)
*   Java (3,144)
*   JavaScript (898)
*   Kernel (7,223)
*   Local (14,799)
*   Magazine (586)
*   Overflow (13,172)
*   Perl (1,435)
*   PHP (5,225)
*   Proof of Concept (2,394)
*   Protocol (3,727)
*   Python (1,646)
*   Remote (31,673)
*   Root (3,638)
*   Rootkit (527)
*   Ruby (632)
*   Scanner (1,657)
*   Security Tool (8,029)
*   Shell (3,277)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,278)
*   SQL Injection (16,614)
*   TCP (2,441)
*   Trojan (690)
*   UDP (904)
*   Virus (670)
*   Vulnerability (33,004)
*   Web (9,968)
*   Whitepaper (3,782)
*   x86 (967)
*   XSS (18,259)
*   Other

**File Archives**

*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,099)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,101)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,567)
*   HPUX (880)
*   iOS (378)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,815)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,569)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,756)
*   UNIX (9,438)
*   UnixWare (187)
*   Windows (6,674)
*   Other

Human Resource Management System 2024 1.0 Insecure Settings

Bhojon Restaurant Management System version 3.0 suffers from an ignored default credential vulnerability.

**Bhojon Restaurant Management System 3.0 Insecure Settings**

Posted Aug 19, 2024

Authored by indoushka

Bhojon Restaurant Management System version 3.0 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | 5040244ae54e0b0c8ba29ab2d3b854826d64f8640404907653ffda5ea3f38ca6

Download | Favorite | View

**Bhojon Restaurant Management System 3.0 Insecure Settings**

    ====================================================================================================================================| # Title     : Bhojon restaurant management system v3.0 Insecure Settings Vulnerability                                           || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                   || # Vendor    : https://www.bdtask.com/restaurant-management-system.php#live_demo                                                  |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin@example.com & pass = 12345[+] https://www/127.0.0.1/gixrestaurantmy/dashboard/autoupdateGreetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,460)
*   Arbitrary (16,885)
*   BBS (2,859)
*   Bypass (1,867)
*   CGI (1,033)
*   Code Execution (7,823)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,398)
*   DoS (25,094)
*   Encryption (2,389)
*   Exploit (53,232)
*   File Inclusion (4,263)
*   File Upload (996)
*   Firewall (822)
*   Info Disclosure (2,891)
*   Intrusion Detection (916)
*   Java (3,144)
*   JavaScript (898)
*   Kernel (7,223)
*   Local (14,799)
*   Magazine (586)
*   Overflow (13,172)
*   Perl (1,435)
*   PHP (5,225)
*   Proof of Concept (2,394)
*   Protocol (3,727)
*   Python (1,646)
*   Remote (31,673)
*   Root (3,638)
*   Rootkit (527)
*   Ruby (632)
*   Scanner (1,657)
*   Security Tool (8,029)
*   Shell (3,277)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,278)
*   SQL Injection (16,614)
*   TCP (2,441)
*   Trojan (690)
*   UDP (904)
*   Virus (670)
*   Vulnerability (33,004)
*   Web (9,968)
*   Whitepaper (3,782)
*   x86 (967)
*   XSS (18,259)
*   Other

**File Archives**

*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,099)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,101)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,567)
*   HPUX (880)
*   iOS (378)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,815)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,569)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,756)
*   UNIX (9,438)
*   UnixWare (187)
*   Windows (6,674)
*   Other

Bhojon Restaurant Management System 3.0 Insecure Settings

An adversary could exploit these vulnerabilities by injecting malicious libraries into Microsoft's applications to gain their entitlements and user-granted permissions.

How multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing permissions

Plus: US regulators fine T-Mobile $60 million for mishap with sensitive data, New Zealand approves Kim Dotcom’s US extradition, and San Francisco takes on deepfake porn.

The 2024 US presidential election is entering its final stretch, which means state-backed hackers are slipping out of the shadows to meddle in their own special way. That includes Iran’s APT42, a hacker group affiliated with Iran’s Islamic Revolutionary Guard Corps, which Google’s Threat Analysis Group says targeted nearly a dozen people associated with Donald Trump’s and Joe Biden’s (now Kamala Harris’) campaigns.

The rolling disaster that is the breach of data broker and background-check company National Public Data is just beginning. While the breach of the company happened months ago, the company only acknowledged it publicly on Monday after someone posted what they claimed was “2.9 billion records” of people in the US, UK, and Canada, including names, physical addresses, and Social Security numbers. Ongoing analysis of the data, however, shows the story is far messier—as are the risks.

You can now add bicycle shifters and gym lockers to the list of things that can be hacked. Security researchers revealed this week that Shimano’s Di2 wireless shifters can be vulnerable to various radio-based attacks, which could allow someone to change a rider’s gears remotely or prevent them from changing gears at a crucial moment in a race. Meanwhile, other researchers found that it’s possible to extract the administrator keys to electronic lockers used in gyms and offices around the world, potentially giving a criminal access to every locker at a single location.

If you use a Google Pixel phone, don’t let it out of your sight: An unpatched vulnerability in a hidden Android app called Showcase.apk could give an attacker the ability to gain deep access to your device. Exploiting the vulnerability may require physical access to a targeted device, but researchers at iVerify who discovered the flaw say it may also be possible through other vulnerabilities. Google says it plans to release a fix “in the coming weeks,” but that’s not good enough for data analytics firm and US military contractor Palantir, which will stop using all Android devices due to what it believes was an insufficient response from Google.

But that’s not all. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

**Geofence Warrants Ruled Unconstitutional—but That’s Not the End of It**

A US federal appeals court ruled last week that so-called geofence warrants violate the Fourth Amendment’s protections against unreasonable searches and seizures. Geofence warrants allow police to demand that companies such as Google turn over a list of every device that appeared at a certain location at a certain time. The US Fifth Circuit Court of Appeals ruled on August 9 that geofence warrants are “categorically prohibited by the Fourth Amendment” because “they _never_ include a specific user to be identified, only a temporal and geographic location where any given user _may_ turn up post-search.” In other words, they’re the unconstitutional fishing expedition that privacy and civil liberties advocates have long asserted they are.

Google, which collects the location histories of tens of millions of US residents and is the most frequent target of geofence warrants, vowed late last year that it was changing how it stores location data in such a way that geofence warrants may no longer return the data they once did. Legally, however, the issue is far from settled: The Fifth Circuit decision applies only to law enforcement activity in Louisiana, Mississippi, and Texas. Plus, because of weak US privacy laws, police can simply purchase the data and skip the pesky warrant process altogether. As for the appellants in the case heard by the Fifth Circuit, well, they’re no better off: The court found that the police used the geofence warrant in “good faith” when it was issued in 2018, so they can still use the evidence they obtained.

**T-Mobile Hit With $60 Million Fine for “Sensitive Data” Mishap**

The Committee on Foreign Investment in the US (CFIUS) fined German-owned T-Mobile a record $60 million this week for its mishandling of data during its integration with US-based Sprint following the companies’ merger in 2020. According to CFIUS, “T-Mobile failed to take appropriate measures to prevent unauthorized access to certain sensitive data,” in violation of a National Security Agreement the company signed with the committee, which assesses the national security implications of foreign business deals with US companies. T-Mobile said in a statement that technical issues impacted “information shared from a small number of law enforcement information requests.” While the company claims to have acted “quickly” and “in a timely manner,” CFIUS claims T-Mobile “failed to report some incidents of unauthorized access promptly to CFIUS, delaying the Committee’s efforts to investigate and mitigate any potential harm.”

**New Zealand Approves US Extradition of Kim Dotcom**

The 12-year saga that is the prosecution of Kim Dotcom inched forward this week with the New Zealand justice minister approving the US’s request to extradite the controversial entrepreneur. Dotcom created the file-sharing service Megaupload, which US authorities say was used for widespread copyright infringement. The US seized Megaupload in 2012 and indicted Dotcom on charges related to racketeering, copyright infringement, and money laundering. Dotcom has denied any wrongdoing but lost an attempt to block the extradition in 2017 and has been fighting it ever since. Despite the justice minister’s decision, Dotcom vowed in a post on X to remain in the country where he’s been a legal resident since 2010. “I love New Zealand,” he wrote. “I’m not leaving.”

**San Francisco Takes On the Deepfake Porn Problem**

The growing scourge of deepfake pornography—explicit images that digitally “undress” people without their consent—may have finally hit a major legal roadblock. San Francisco’s chief deputy city attorney, Yvonne Meré—and the City of San Francisco by extension—has filed a lawsuit against the 16 most popular “nudification” websites. These sites and apps allow people to make explicit deepfake images of virtually anyone, but they have increasingly been used by boys to make sexual abuse material of their underage female classmates. While several states have criminalized the creation and distribution of AI-generated sexual abuse material of minors, Meré’s lawsuit effectively seeks to shut down the sites entirely.

Geofence Warrants Ruled Unconstitutional—but That’s Not the End of It

Home Owners Collection Management System version 1.0 suffers from an ignored default credential vulnerability.

**Home Owners Collection Management System 1.0 Insecure Settings**

Posted Aug 16, 2024

Authored by indoushka

Home Owners Collection Management System version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | 94fb8d8c82f8132953cb67c97a9b682c8e63a436a475a575173b89ddf54daa9f

Download | Favorite | View

**Home Owners Collection Management System 1.0 Insecure Settings**

    =============================================================================================================================================| # Title     : Home Owners Collection Management System v1.0 Insecure Settings Vulnerability                                               || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                            || # Vendor    : https://www.sourcecodester.com/php/15162/home-owners-collection-management-system-phpoop-free-source-code.html              |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin & pass = admin123[+] https://www/127.0.0.1/yorubanwitness000webhostappcom/admin/Greetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,433)
*   Arbitrary (16,884)
*   BBS (2,859)
*   Bypass (1,865)
*   CGI (1,033)
*   Code Execution (7,817)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,396)
*   DoS (25,088)
*   Encryption (2,389)
*   Exploit (53,217)
*   File Inclusion (4,263)
*   File Upload (996)
*   Firewall (822)
*   Info Disclosure (2,891)
*   Intrusion Detection (915)
*   Java (3,144)
*   JavaScript (897)
*   Kernel (7,223)
*   Local (14,799)
*   Magazine (586)
*   Overflow (13,172)
*   Perl (1,435)
*   PHP (5,225)
*   Proof of Concept (2,394)
*   Protocol (3,726)
*   Python (1,642)
*   Remote (31,665)
*   Root (3,636)
*   Rootkit (527)
*   Ruby (632)
*   Scanner (1,657)
*   Security Tool (8,028)
*   Shell (3,277)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,278)
*   SQL Injection (16,612)
*   TCP (2,441)
*   Trojan (690)
*   UDP (904)
*   Virus (670)
*   Vulnerability (32,999)
*   Web (9,966)
*   Whitepaper (3,782)
*   x86 (967)
*   XSS (18,259)
*   Other

**File Archives**

*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,099)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,100)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,567)
*   HPUX (880)
*   iOS (378)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,789)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,546)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,754)
*   UNIX (9,437)
*   UnixWare (187)
*   Windows (6,674)
*   Other

Home Owners Collection Management System 1.0 Insecure Settings

Bhojon Restaurant Management System version 3.0 suffers from an insecure direct object reference vulnerability.

**Bhojon Restaurant Management System 3.0 Insecure Direct Object Reference**

Posted Aug 16, 2024

Authored by indoushka

Bhojon Restaurant Management System version 3.0 suffers from an insecure direct object reference vulnerability.

tags | exploit

SHA-256 | 98c12c7a5556d4399b71f053e8f21eaf5c59e49e15d4bf7f6b1980de56fec3c2

Download | Favorite | View

**Bhojon Restaurant Management System 3.0 Insecure Direct Object Reference**

    ====================================================================================================================================| # Title     : Bhojon restaurant management system v3.0 IDOR Vulnerability                                                        || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                   || # Vendor    : https://www.bdtask.com/restaurant-management-system.php#live_demo                                                  |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Direct Object Reference : suffers from an insecure direct object reference that allows users to access the administrative interface.[+] use payload : /dashboard/autoupdate[+] https://www/127.0.0.1/gixrestaurantmy/dashboard/autoupdateGreetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,433)
*   Arbitrary (16,884)
*   BBS (2,859)
*   Bypass (1,865)
*   CGI (1,033)
*   Code Execution (7,817)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,396)
*   DoS (25,088)
*   Encryption (2,389)
*   Exploit (53,217)
*   File Inclusion (4,263)
*   File Upload (996)
*   Firewall (822)
*   Info Disclosure (2,891)
*   Intrusion Detection (915)
*   Java (3,144)
*   JavaScript (897)
*   Kernel (7,223)
*   Local (14,799)
*   Magazine (586)
*   Overflow (13,172)
*   Perl (1,435)
*   PHP (5,225)
*   Proof of Concept (2,394)
*   Protocol (3,726)
*   Python (1,642)
*   Remote (31,665)
*   Root (3,636)
*   Rootkit (527)
*   Ruby (632)
*   Scanner (1,657)
*   Security Tool (8,028)
*   Shell (3,277)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,278)
*   SQL Injection (16,612)
*   TCP (2,441)
*   Trojan (690)
*   UDP (904)
*   Virus (670)
*   Vulnerability (32,999)
*   Web (9,966)
*   Whitepaper (3,782)
*   x86 (967)
*   XSS (18,259)
*   Other

**File Archives**

*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,099)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,100)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,567)
*   HPUX (880)
*   iOS (378)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,789)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,546)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,754)
*   UNIX (9,437)
*   UnixWare (187)
*   Windows (6,674)
*   Other

Tag

#cisco