So today I found a site which sells things… somehow like (shutterstock and its likes). As I was browsing I found their prices were somehow over the market price, although they have very attractive things for sale. Now the magic happens. I entered the url and by mistake my small brother click something on the keyboard. When I went ahead to click enter I was redirected to a page where I could download everything for free. Both commercial and free licenses. I have the urge to download everything on the site but then again I wouldn’t want someone to so that to me. Should I contact the admin and show them the loophole?
Really hard to say…I’m sure right now I’d advice you to give them a heads up, as this is the ethical way, but to be absolutely honest, I don’t know what I’d do if I were in your shoes. REALLY hard.
I would. As you say you wouldn’t want someone to do that to you. I always believe in treating others as you would like others to treat you.
I don’t have a lot of sympathy for websites that are this stupid.
Clearly they are not a serious business. If they can’t even check their own site for this then they probably won’t pay attention to a message about this or know what to do about it.
I’ve had websites and it’s a no brainer to check them for things like this. They probably shouldn’t be in business.
I am guessing the place you were directed to was the domain page where all the files are stored. This is about the dumbest thing a webmaster can do is leave these exposed to the public. It’s up to you if you want to notify them but you would be dealing with a moron in my opinion.
You just enter the hole like little Alice did and take it for a ride like you would on Elon Musk’s Hyperloop.
See what I did there?
Maybe if you tell them they will give you whatever you want free as a reward.
You should tell me what the loophole is so I can order free stuff
I’ve been wanting a new iPad lol
Maybe your honesty will be rewarded? Doubtful, but I think it would be best to tell them about the exploit. Even though it is a stupid mistake on the admin’s part, like misscrystal said
So I decided to tell the site owner about the whole, only to be accused of being a hacker. The admin claims that I hacked his panel and that’s where I got the link. So instead of trying to argue about whether I’m a hacker or not, I simply searched for everything I wanted in the site then I shrivak krukshak fre coco mpankutente ftwat kriragu nte nkunku sju… and left him or her to patch the hole if they wish to.
Like I said earlier, you would be dealing with a moron. I’m not surprised.
Yes, I have noticed that myself. The world is full of trusting, well meaning, naive and innocent people. More than losing money, what they hate is being told that they are wrong and that they are being foolish. It is the reality that they cannot take. They would rather blame the government, banks, or outside forces for their problems than take responsibility.
The comment was auto corrected because it was too sweet that it would have left people with cavities.
I told them because I thought that maybe they hired someone to create the site for them, then the creator left the hole intentionally without the knowledge of the buyer site owner.
I’ll Bookmark the page, save the URL in my notepad, and save the page as an offline page (just to be sure I don’t miss anything). After those, I’ll think of what to do next