Payment processors are an amazing attack surface! What if you could fake a transaction in some way or add money to an account? This is the holy grail of bugs, as it is directly leveraged to make money.
The author was looking for a way to exploit the usage of a payment processor in some application. They were looking for two things: a site that allowed the setting of a status_url and a weak protocol. They settled on the UK-based payment provider Skrill because its security relied upon an MD5-hashed structure with a nonce value of only 10 characters.
With the ability to edit the location of the payment processor and the lack of entropy in the random value used in the hash, the author cracked the nonce on the MD5 hash with a brute-force script that took under 24 hours. With this cracked value, it was now possible to forge their own signature and send data to the backend.
With the nonce in hand, they could create their own signed values that appeared to come from the payment provider. The author proceeded to make 25K appear in their gambling account! The dream!
Overall, this is an interesting article on how several subtle oversights (and a crappy protocol) led to the arbitrary loading of money.
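To make the two weaknesses concrete from the merchant's side, here is an added example (not code from the article, and not Skrill's actual protocol, whose field layout is not on the page): a verifier in the style the post criticises (MD5 over the fields plus a short nonce) next to a hardened one (HMAC-SHA256, 256-bit secret, constant-time compare) that also refuses to credit an account until the provider's own transaction record matches the callback. The field names, the `lookup` callback and the nonce alphabet are assumptions.

```python
import hashlib
import hmac
import math
import secrets

# Constructed sample callback; the real provider's field names are not on the page.
SAMPLE_FIELDS = {"merchant_id": "12345", "transaction_id": "tx-0001",
                 "amount": "25000.00", "currency": "GBP", "status": "2"}


def nonce_bits(length, alphabet_size):
    """Key strength of a nonce in bits: 10 chars over 36 symbols is ~52 bits,
    which a fast hash like MD5 makes feasible to search offline."""
    return length * math.log2(alphabet_size)


def weak_signature(fields, nonce):
    """Scheme in the style the post describes: MD5 over the fields plus a short nonce."""
    payload = "".join(fields[k] for k in sorted(fields))
    return hashlib.md5((payload + nonce).encode()).hexdigest()


def weak_verify(fields, nonce, sig):
    # Fast hash, short secret, and a timing-leaky string compare.
    return weak_signature(fields, nonce) == sig


def new_secret():
    """256-bit shared secret; exchanged out of band, never sent in the callback."""
    return secrets.token_hex(32)


def strong_signature(fields, secret):
    # Canonical key=value encoding so field boundaries cannot be shifted.
    payload = "\n".join(f"{k}={fields[k]}" for k in sorted(fields))
    return hmac.new(secret.encode(), payload.encode(), hashlib.sha256).hexdigest()


def strong_verify(fields, secret, sig):
    return hmac.compare_digest(strong_signature(fields, secret), sig)


def credit_if_verified(fields, secret, sig, lookup):
    """Return the amount to credit, or 0.0. `lookup(transaction_id)` is an assumed
    server-to-server query to the provider, so a forged callback alone cannot load money."""
    if not strong_verify(fields, secret, sig):
        return 0.0
    record = lookup(fields["transaction_id"])
    if record is None or record["amount"] != fields["amount"] or record["status"] != "2":
        return 0.0
    return float(fields["amount"])
```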