So last week some time Chris Hadnagy linked me to the following URL:
http://info.vmware.com/content/opt-out which was pretty interesting last
week. Basically it allowed someone to full in their email address to
manage their VMWare subscriptions, i noticed a couple of things from the
next pages:
* The fields auto populated with details like Name, Phone Number etc
(i know, without auth and only an email address . worriedface)
* Another tab became available that allowed you to update your details
. again, no auth, scary
So i whipped out the good old firebug and started looking through the ajax
calls till i came across this little gem:
No comments:
Post a Comment