Leebra technology
login register

I’m Lovin’ It: Exploiting McDonald’s India APIs to hijack deliveries and order food for a penny

a year ago by tkw8 to c/technology

save

share

report

A series of API flaws in McDelivery India made it possible to order food for a penny, hijack other people’s delivery orders, view user information, and more.
load all comments
NoForwardslashS 125 points a year ago

A $240 gift card seems quite low for bugs that would allow you to order (essentially) free food, access the orders and invoices of other users, driver's personal information and their real time location.

save

path: 0 14243861, hotness: undefined, score: 125, children: 4
walter_wiggles 29 points a year ago

Yeah I'd be insulted. I think a good compromise would be to demand a higher amount, but to be donated to a charity.

save

path: 0 14243861 14244479, hotness: undefined, score: 29, children: 3
Etienne_Dahu 3 points a year ago

Like Ronald McDonald House Charities

save

path: 0 14243861 14244479 14251929, hotness: undefined, score: 3, children: 1
PlexSheep 3 points a year ago

That's still insignificant compensation

save

path: 0 14243861 14244479 14253263, hotness: undefined, score: 3, children: 0
technology
technology

@lemmy.world

login for more options
85660
20007
16397

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

go to feed...