Bugs In Booking system Puts GrandCinemas Tickets At $0

Seems like GrandCinemas, are finally going to redo their online system, in a post published by their facebook account GrandCinemas announced that their website is under maintenance. The company has faced major financial loss due to the way their online system was coded. Last month, on 8 march exactly , I emailed GrandCinemas, telling them that their site has a huge bug. Although the email was sent to all the contacts listed on their website, the cinema took their system for granted and never even cared to reply. Their website simply allowed people to book tickets completely for free,  but instead of taking responsibility and resolving the issue, GrandCinemas chose to ignore me.

Read More...

Lebanese Ministry Of Education hasTarneeb on their website

I have recently noticed that the website of the Ministry of Education somehow displays a Tarneeb Game reports. It’s totally normal and acceptable for any site to include such thing, but not an official site. Again everybody knows that the Schoolnet, is being neglected. I mean the site’s technology and layout wasn’t updated probably since 2000. check the tarneeb reports here

Read More...

My interview with LelNasher will Air Next Week + What You should expect + Scoopcity update

Ever since the advertising of LelNasher’s Episode was broadcasted, many people miss-understood our goal, and intentions. Personally I received many calls from people warning me about getting in trouble, and banks trying to know if I’m going to mention them. Although the situation of banks and companies in Lebanon is  very bad when it comes to security, I have been working and arguing with LelNasher team for two months now, to produce this episode and present the most respectful content we can present.  LelNasher has used very high standards, and although mentioning the companies and banks on TV will make the episode a much bigger scoop, we(they) decided not to do it, because our aim was always to push people towards change rather than to make a scandal. Unfortunately, due to technical problems the live episode was 25 minutes late, and it was impossible to broadcast all the content.

Read More...

The Best Three Gyms in Beirut

When it comes to getting in shape, you have lots of options in Beirut. You definitely want a gym close to you so you’ll actually go to it, but also one that has the amenities that make you want to go to it.  After an exhaustive inspection of the city’s fitness centers,I confidently can compare the  city’s 3 best gyms in Beirut. 3.LifeStyles FITNESS REPORT CARD Traffic  D The gym is located at Ras Beirut, and You will have to drive though Bliss’s traffic to get to the gym.

Read More...

Xbox Live Hacked by Five-Year-Old Child

Five-year-old, Kristoffer Von Hassel, from San Diego exposed a major security flaw in Microsoft’s Xbox Live password system when he hacked into his dad’s account without the password. The young child managed to discover what no other adult or developer did in all these months the console has been widely popular. Accessing his father’s Xbox Live service not only allowed him to access all his father’s games but also provided him with the option to make purchases. Kristoffer managed to enter into his father’s Xbox Live service when he discovered that entering the wrong password into the log-in screen prompts a second password verification screen, where all he had to do was simply press the space bar – to fill up the password field – and then the system let him gain access into the account. The security glitch was discovered when Kristoffer’s parents noticed him playing games on the Xbox Live that he was not supposed to be playing as they could only be accessed by entering the password to his father’s account.

Read More...

Vox Cinemas and Scoopcity Don’t Protect Users Information

The last couple of weeks, I have found out that you can’t trust any website to protect and seal your private information, companies wants to spend the less on their website, and the debugging and security penetration test are often forgotten. ScoopCity Again!? Although ScoopCity was mentioned before on my blog, i never really shared their previous bug, and instead of getting thanked all I got was nothing, they had no clue about the bug and they asked for my help ( I have proves) and then they threatened to sue me. The truth is that ScoopCity’s  site development company ( mindfield) was careless enough about your data to keep a hidden field on the user’s profile, that allows any user to change his permission and become a full administration. Due to my research, this single bug was fixed, but today i publish a new bug and this time I won’t keep it confidential because they don’t really care!

Read More...

Here’s What Really Happened With MEA, LelNasher and Me

Few weeks ago, I tested the possibility to manipulate Middle East Airline’s Website, and trick it into getting few tickets. I found out that the system can be manipulated somehow, so I emailed them. Although I had mailed many vulnerable companies, MEA was the most interested company to find out what I have found, and they we agreed to meet. Meanwhile, I had announced on Twitter and to my friends about my new discovery, so I got contacted by LBC’s Joe Maalouf, and his team, to shoot an episode about my findings. I couldn’t give them a final confirmation, because they wanted me to “hack” MEA, live on tv, and I was waiting for MEA’s meeting so I couldn’t really decide yet.

Read More...

Maggy Farah 2014 Horoscope Book Now For Free!

I came recently across Maggy Farah’s iOS application, the application allows you to preview the book, and even subscribe to the book or to its edition, so you can follow up with Maggy’s predictions for 2014. I am myself a big fan of Maggy Farah, so I decided to test the security of this mobile application, of course i had to connect my iPhone to the computer to debug it,  to find out that the application is completely insecure and unprofessional! The application opens a link that displays the names of all the pages of Maggy’s book, and with a small script i was able to download them and get the book for free! I’m not sharing the link since it’s based on my session ID, I’m sharing the book instead because it’s already shared on the application for free. For copyright complaint please email me and  I will remove it.

Read More...

Whatsapp for iPhone gets a privacy update

Free instant messenger Whatsapp has released an update to its iPhone application, adding more control to your privacy, with their new privacy setting. Now you can choose between allowing your contacts, your friends or Nobody to see your profile picture, status, and last seen. Additionally, the 24-hours restriction before changing your last seen status is gone, you can now change your privacy settings without having to wait 24 hours. This is the first update to Whatsapp, after Facebook’s $19bn acquisition of the company, that has sparked privacy concerns among Whatsapp users. Whatsapp is trying appease its users.

Read More...
← Older Posts