sichej

17 May 2023

RLH LostMusicFestival

Real Life Hacking - Lost Music Festival

This is how I “unlocked” unlimited discount coupon codes on tickets for the Lost Music Festival in Parma, Italy (Summer 2023).

How it ended

To thank me for the information I gave them on the security vulnerability they had, they decided to give me a discount coupon code (a real one this time) to let me pay way less than the original price for the ticket.

Story time

A friend of mine and I decided to go to Lost Music Festival this summer, so we checked for the tickets, and the only ones remaining were the “3 Days + Camping Last Release” at 125€.

[Screenshot: tickets]

So, like every Web Guy, before buying the tickets I wanted to verify if it was possible to get them by doing some “magic”.

Disclaimer

I am posting this because after I told them this was possible they fixed it. There is still something they didn’t fix (DKW), so I am not going to talk about that in this post.

So back to the story: I added the ticket to the cart, and everything went as expected.

[Screenshot: cart]

As you can see, the price is 120€ + 5€ of “Diritti di prevendita” (presale fees), so the total is 125€. Why not try some magic with a discount code? Using Burp Suite to intercept the requests, I applied a random coupon code, lll.

Let’s see how the site makes requests to the backend.

[Screenshot: request]

As you can see, there is a parameter called card[881][price]. This is the price of the cart; it should be checked in the backend, but I tried to modify it to see if they didn’t check it a second time.

So I changed the value from 125 to 1, like this:

[Screenshot: request]

And then, this is what the cart looked like:

[Screenshot: cart]

Invalid coupon… but the price change was successful. But, as we say in Italy, “prima di cantare vittoria” (“before claiming victory”), let’s check if the changes remain even if I go forward in the payment process.

So now, if everything goes as it’s supposed to, I should pay 1€ for the ticket.

Order Review

Leaving aside my artistic skills, this is how the order preview appeared:

[Screenshot: cart]

Let’s move on to the final step:

Payment

[Screenshot: payment]

Yooooooooooo, it worked!

Of course I didn’t proceed with the payment, and I immediately contacted the organizers. It was really easy, but I did enjoy it so much. Thank you for reading.
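
The backend check that the `card[881][price]` step was missing, sketched as an added example (not code from the festival's site or from this post's author): the total is computed only from a server-side price table, and a client-sent price is compared purely to raise an alert. The catalog contents, the `qty` and `coupon_code` field names and the sample request bodies are assumptions constructed for illustration.

```python
import re
from decimal import Decimal, InvalidOperation
from urllib.parse import parse_qsl

# Constructed server-side catalog: item id -> authoritative unit price in EUR.
# 881 is the id seen in the parameter name; 125 is the 120 + 5 total from the post.
CATALOG = {"881": Decimal("125.00")}

# Matches form keys shaped like card[881][price]; anything else is ignored here.
FIELD = re.compile(r"^card\[(\d+)\]\[(\w+)\]$")

# Constructed request bodies (hypothetical field names besides card[881][price]).
HONEST = "card%5B881%5D%5Bprice%5D=125&card%5B881%5D%5Bqty%5D=1&coupon_code=lll"
TAMPERED = "card%5B881%5D%5Bprice%5D=1&card%5B881%5D%5Bqty%5D=1&coupon_code=lll"


def price_cart(body: str):
    """Return (total, alerts) for a form-encoded cart request.

    Prices come only from CATALOG. A client-supplied price is never used for
    the total; a mismatch is recorded so the attempt can be logged and reviewed.
    """
    items = {}
    for key, value in parse_qsl(body, keep_blank_values=True):
        m = FIELD.match(key)
        if m:
            items.setdefault(m.group(1), {})[m.group(2)] = value

    total, alerts = Decimal("0"), []
    for item_id, fields in items.items():
        if item_id not in CATALOG:
            raise ValueError(f"unknown item id {item_id!r}")
        qty = int(fields.get("qty", "1"))  # non-numeric input raises ValueError
        if qty < 1:
            raise ValueError(f"invalid quantity for item {item_id}")
        unit = CATALOG[item_id]
        sent = fields.get("price")
        if sent is not None:
            try:
                mismatch = Decimal(sent) != unit
            except InvalidOperation:  # unparsable price counts as a mismatch
                mismatch = True
            if mismatch:
                alerts.append(f"item {item_id}: client sent {sent!r}, catalog says {unit}")
        total += unit * qty
    return total, alerts
```

The same recomputation has to run again at order review and at payment, since those are the steps where the modified price was still being accepted.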