8 matches found
Teens Hacked Boston Subway’s CharlieCard to Get Infinite Free Rides—and This Time Nobody Got Sued
In 2008, Boston’s transit authority sued to stop MIT hackers from presenting at the Defcon hacker conference on how to get free subway rides. Today, four teens picked up where they left off...
Uber: Lack of proper paymentProfileUUID validation allows any number of free rides without any outstanding balance
@eequalsmc2 discovered that when requesting a ride, it was possible to intercept the request and forward it with 3 random characters at the end of the paymentProfileUuid parameter. This would cause the ride to disappear from both the Rider and Driver's trip history, the Rider would not be charged...
How anyone could have used Uber to ride for free!
Note: This is being published with the permission of Uber under the responsible disclosure policy. The vulnerability was fixed in August 2016. Summary: This post is about an interesting bug on Uber which could have been used to ride for free anywhere in the world. Attackers could have misused thi...
San Francisco Metro System Hacked with Ransomware; Resulting in Free Rides
Nothing is immune to being hacked when hackers are motivated. The same proved by hackers on Friday, when more than 2,000 computer systems at San Francisco's public transit agency were apparently got hacked. San Francisco's Municipal Transportation Agency, also known as MUNI, offered free rides on...
Uber: Changing paymentProfileUuid when booking a trip allows free rides
Requests made to the /proxy-rt/riders/me/pickup endpoint on https://m.uber.com/ failed to properly validate payment profile UUIDs. If an invalid payment profile UUID was specified, the trip would not be properly charged and would be free. If another user's payment profile UUID was specified, that...
Uber: Lack of payment type validation in dial.uber.com allows for free rides
When a rider account had an outstanding account balance, improper validation of the payment method ID provided in the request made it possible to use an invalid payment method. As a result, it was possible to provide a non-existent payment type ID such as xyz when requesting a ride and get the tr...
Uber promo code vulnerability allows hackers a free ride-vulnerability warning-the black bar safety net
! Do you want to by Uber taxi services to travel free? If you are the Uber taxi service loyal users,or you've ever used Uber to call a car service,then this article will definitely make you excited. Because there is a name from the Egypt independent security researcher in the Uber app found a...
Uber Hack lets anyone find Unlimited Promo Codes for Free Uber Rides
An Independent Security Researcher from Egypt has discovered a critical vulnerability in Uber app that could allow an attacker to brute force Uber promo code value and get valid codes with the high amount of up to $25,000 for more than one free rides. Mohamed M.Fouad has discovered a "promo codes...