Welcome, Guest: Register On Nairaland / LOGIN! / Trending / Recent / NewStats: 3,152,219 members, 7,815,266 topics. Date: Thursday, 02 May 2024 at 09:55 AM |
Nairaland Forum / Science/Technology / Programming / Bug In Bank Application That Spits Out Account Balance And Customer Details (805 Views)
I Have This Annoying Bug In Node Js For The Past 5 Days..help / Bug In Bank App / How To Check Your Account Balance And Make Deposit Using Java (2) (3) (4)
Bug In Bank Application That Spits Out Account Balance And Customer Details by joeten: 3:12pm On Sep 28, 2022 |
It would be nice if banks ran bug bounties. And this is just the tiniest mistake out there.. This breach + a bot and user data will literally be mined off their servers
|
Re: Bug In Bank Application That Spits Out Account Balance And Customer Details by joeten: 3:32pm On Sep 28, 2022 |
What y'all think? |
Re: Bug In Bank Application That Spits Out Account Balance And Customer Details by LogicBomb8: 3:55pm On Sep 28, 2022 |
Correct me if am wrong but This look like command line. I see bvn number this is alarming |
Re: Bug In Bank Application That Spits Out Account Balance And Customer Details by airsaylongcome: 3:59pm On Sep 28, 2022 |
API endpoint don cast! DevOps go hear wheen for this operational leak. Na to run Postman on the endpoint o! I hope this isn't a Fineract server leaking like water o Edit: Looks like a Temenos T24 Core Banking server. OP, please obfuscate the data more. I can tell that it's an account belonging to Bleep Bleep. Please protect their details |
Re: Bug In Bank Application That Spits Out Account Balance And Customer Details by joeten: 4:16pm On Sep 28, 2022 |
airsaylongcome: Thanks for that. Thought i had it done properly. Sensitive details better obfuscated now |
Re: Bug In Bank Application That Spits Out Account Balance And Customer Details by joeten: 4:18pm On Sep 28, 2022 |
LogicBomb8: Sincerely a drop of few errors that i have discovered from most of these banks. A prominent bank has people cards left hanging for anybody smart enough too mine off. There is no proper channel to report through without it biting back and definitely such white hat act would be frowned upon than praised |
Re: Bug In Bank Application That Spits Out Account Balance And Customer Details by LogicBomb8: 4:42pm On Sep 28, 2022 |
airsaylongcome:kudos your analogy almost gave me some chills. I'm no longer running i want to learn what you know. I wish to know how to go about it |
Re: Bug In Bank Application That Spits Out Account Balance And Customer Details by LogicBomb8: 4:45pm On Sep 28, 2022 |
joeten:ther need to be a recognized body of bug hunters or white hat hackers as revealing this to the bank is an evidence to incriminate ya |
Re: Bug In Bank Application That Spits Out Account Balance And Customer Details by airsaylongcome: 4:51pm On Sep 28, 2022 |
LogicBomb8: Please edit out their name from my post you quoted. Kudos on bringing this up. Did you try to reach the bank to inform them about the leak? And please tell me that this from a Microfinance bank and not a major commercial money deposit bank. 1 Like |
Re: Bug In Bank Application That Spits Out Account Balance And Customer Details by airsaylongcome: 4:57pm On Sep 28, 2022 |
LogicBomb8: So I've on and off played with an open source Core Banking solution called Fineract/Mifos. Most of my messing around has been with the Savings modules. Gave me very good idea of how Core Banking software works. It's a bit of a challenge installing it. But with patience and engaging with the Dev mailing list you should be able to have it deployed. I'm presently experimenting with developing a custom frontend to access the software much like a regular bank would do with their Temenos24 servers. It's very interesting seeing how all the supposedly "coded" functionality of Core Banking works. |
Re: Bug In Bank Application That Spits Out Account Balance And Customer Details by LogicBomb8: 5:01pm On Sep 28, 2022 |
airsaylongcome:it must feel like seeing how magic works |
Re: Bug In Bank Application That Spits Out Account Balance And Customer Details by daHcKR: 6:38am On Sep 29, 2022 |
Reminds me of some stuff i stepped on |
Re: Bug In Bank Application That Spits Out Account Balance And Customer Details by NEUDUDE: 10:58am On Sep 29, 2022 |
Nig banks dont actually care about bugs as long as money no miss first. Report it and youd be nabbed for ill intentions lol . Thread carefully lmao |
Re: Bug In Bank Application That Spits Out Account Balance And Customer Details by LikeAking: 11:30am On Sep 29, 2022 |
Stories! |
Re: Bug In Bank Application That Spits Out Account Balance And Customer Details by daHcKR: 9:19am On Sep 30, 2022 |
NEUDUDE: No mind them. There are people's sensitive information being displayed which makes it for identity theft and can be probably chained as far as probably financial transaction performed on user's account |
Re: Bug In Bank Application That Spits Out Account Balance And Customer Details by theelowalok: 7:33pm On Jun 15, 2023 |
Hello Can we discuss this? airsaylongcome: |
Re: Bug In Bank Application That Spits Out Account Balance And Customer Details by airsaylongcome: 7:55pm On Jun 15, 2023 |
theelowalok: Shoot me a mail on dwl9adx4@duck.com |
Re: Bug In Bank Application That Spits Out Account Balance And Customer Details by Necrophagia: 1:02pm On Jan 06 |
Based I'll try mine own very soon on an ATM machine using an infected card |
(1) (Reply)
20 Things You Must Never Do If You Want To Be A Successful Developer / Openai CEO Is Coming To Lagos AI Expert Be Prepared / Hello! Welcome To Website; Www.shoes-trader.com
(Go Up)
Sections: politics (1) business autos (1) jobs (1) career education (1) romance computers phones travel sports fashion health religion celebs tv-movies music-radio literature webmasters programming techmarket Links: (1) (2) (3) (4) (5) (6) (7) (8) (9) (10) Nairaland - Copyright © 2005 - 2024 Oluwaseun Osewa. All rights reserved. See How To Advertise. 25 |