> Join gym
> they give me a code for an app
> look into the app
> most bootlegged piece of shit ever
> apparently many gyms in my country use it.
> A company runs various gym servers using said app
> effectively each gym rents a cloud instance from them
> potentially hundreds of gyms looking at the in app list.
> Log in with my ID (which also happens to be my password)
> Notice that there's no way to change my password, ever
> IDs (and by extension passwords) are sequential in order
> if your ID (and password) is 1000234, there's also a 1000233 (who signed up before me) and a 1000235 (who signed up after me)
> I'm able to log in to everyone's account
> Names
> Emails
> Home addresses
> Optional medical information
> It's all fucking there
I've contacted the company to fix this GLARING issue.
But at this point I think I might just call whoever is responsible for data protection and GDPR enforcement.
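Added example, not part of the post above and not the vendor's code: how an operator of such a service could spot one client walking through neighbouring member IDs in its login log. The log format, thresholds and sample lines are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample log (format is an assumption):
# "<ISO time> <client ip> <member id> <result>"
SAMPLE_LOG = """\
2025-10-28T09:00:01Z 198.51.100.7 1000231 OK
2025-10-28T09:00:02Z 198.51.100.7 1000232 OK
2025-10-28T09:00:03Z 198.51.100.7 1000233 OK
2025-10-28T09:00:04Z 198.51.100.7 1000234 OK
2025-10-28T09:00:05Z 198.51.100.7 1000235 OK
2025-10-28T09:01:10Z 203.0.113.20 1000412 OK
2025-10-28T09:03:44Z 203.0.113.20 1000412 OK
2025-10-28T09:05:00Z 203.0.113.9 1000100 FAIL
2025-10-28T09:05:09Z 203.0.113.9 1000100 OK
2025-10-28T09:07:30Z 192.0.2.55 1000500 OK
2025-10-28T09:07:41Z 192.0.2.55 1000777 OK
"""

def parse(log_text):
    """Yield (ip, member_id) for each well-formed line; skip malformed ones."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[2].isdigit():
            yield parts[1], int(parts[2])

def longest_consecutive_run(ids):
    """Length of the longest run n, n+1, n+2, ... within a set of integers."""
    best = 0
    for n in ids:
        if n - 1 not in ids:  # n is the start of a run
            length = 1
            while n + length in ids:
                length += 1
            best = max(best, length)
    return best

def find_id_walkers(log_text, min_accounts=4, min_run=4):
    """Return {ip: (distinct_accounts, longest_run)} for clients that touched
    many distinct accounts whose IDs sit directly next to each other."""
    seen = defaultdict(set)
    for ip, member_id in parse(log_text):
        seen[ip].add(member_id)
    flagged = {}
    for ip, ids in seen.items():
        run = longest_consecutive_run(ids)
        if len(ids) >= min_accounts and run >= min_run:
            flagged[ip] = (len(ids), run)
    return flagged

if __name__ == "__main__":
    print(find_id_walkers(SAMPLE_LOG))
```

Shared gym Wi-Fi or front-desk terminals can legitimately log in many members from one address, so the run-length condition matters more than the raw account count.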
>>107037043
>doesn't live in the UK
>doesn't say the app name
>just wasted my time
okay champ
>>107037043Gyms are a fucking scam, that's why I cancelled my membership and just got some cheap second-hand home gym equipment. Unfortunately almost every single piece of sports-related tech is botnetted beyond belief because sportfags seem to be giga-normies that don't care about privacy. I've looked into smartwatches every all of them are useless cancer that's specifically made to track you. Also almost everything requires constant internet connection which is absolutely insane when you consider that people will want to be using them in places where there's no cell coverage. Thank god that they still make basic bluetooth HR monitors and for osmand. At least there is one way to record and tack your trips that isn't fucking strava botnet.
>>107037043
This is unironically one of the reasons that drove me off gyms as a whole. Shitty ass apps
To be fair, the biggest reason was having to interact with normies, but the app was definitely an item on my hate list too
>>107037043
why are you putting spaces after your meme arrows? this isn't discord
>>107037043yooooo nigga what a trip! i vibe coded that. what a sick coincidence. you in LA by chance? let's smoke some. wild dude.
>>107037146
>biggest reason was having to interact with normies,
Just avoid peak hours and wear noise cancelling headphones. What other interaction would you have at a gym besides asking/getting asked how many sets you got left on a machine?
>>107037043
You just described IDOR: Insecure direct object reference
https://cheatsheetseries.owasp.org/cheatsheets/Insecure_Direct_Object_Reference_Prevention_Cheat_Sheet.html
You can do the same thing with hotels:
>the TV can pull up your room's bill
>if you reprogram the TV with a different room number, you can pull up that room's bill
>knew a guy at defcon that wrote a little python code, hooked it with an IR emitter, and walked the keyspace at the Riviera enumerating the bill of every hotel room.
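Added example, not part of the post above: the IDOR pattern it names next to a lookup with an object-level authorization check bound to a server-side session. All names, fields and records here are constructed assumptions, not any real app's code.

```python
import secrets

# Constructed sample data; field names are assumptions.
MEMBERS = {
    1000233: {"gym": "north", "name": "A. Example", "email": "a@example.invalid"},
    1000234: {"gym": "north", "name": "B. Example", "email": "b@example.invalid"},
    1000235: {"gym": "south", "name": "C. Example", "email": "c@example.invalid"},
}
SESSIONS = {}  # opaque token -> {"member_id", "role", "gym"}, kept server-side

class Forbidden(Exception):
    pass

def open_session(member_id, role="member"):
    """Issue an unguessable token after authentication (authentication not shown)."""
    token = secrets.token_urlsafe(32)
    SESSIONS[token] = {"member_id": member_id, "role": role,
                       "gym": MEMBERS[member_id]["gym"]}
    return token

def get_profile_vulnerable(requested_id):
    """The IDOR pattern: the client-supplied ID alone selects the record."""
    return MEMBERS[requested_id]

def get_profile(token, requested_id):
    """Same lookup, with an object-level check tied to the server-side session."""
    session = SESSIONS.get(token)
    if session is None:
        raise Forbidden("no valid session")
    record = MEMBERS.get(requested_id)
    # Same error for "missing" and "not yours", so replies do not reveal which IDs exist.
    if record is None:
        raise Forbidden("not permitted")
    is_owner = session["member_id"] == requested_id
    is_own_gym_staff = (session["role"] == "staff"
                        and session["gym"] == record["gym"])
    if not (is_owner or is_own_gym_staff):
        raise Forbidden("not permitted")
    return record
```

The check runs on every request and uses only state the server holds, so the sequential numbering of the IDs stops mattering for access.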
>space after greentext
Didn't read. Lurk more.
>>107037568
>the TV can pull up your room's bill
Literally how?
>>107037043
ngl if it were me I would have kept quiet about it and just given me and my friends/family free gym subscriptions to the highest member tier.
>>107037043
gym door is strikingly similar of factory door
all guest resemble inmates
app for managers
Gyms are for the most deranged of goys. Like, why would anyone willingly torture themselves, and cut years off their lives? For some inflammation that will disappear after a few months? Because other morons on social media told them it was trendy? It doesn't make any sense.
>>107037899Don't you love newfags larping as oldfags?
Do something with it
>>107037990
>Literally how?
TV is essentially a dumb terminal. It sends a request to the backend which returns the current folio. If they can show a program guide on channel 0 -- which is usually just an XML payload in a RSS feed -- they can display your current bill.
I've had many cases where I check in to a hotel and by the time I get to the room the TV is on and a personalized greeting ("welcome Mr. Anon") is on the main display.
>>107037043
>I've contacted the company to fix this GLARING issue.
DON'T DO THIS
THIS HAS NEVER WORKED IN YOUR FAVOR
At worst they will ignore your complaint.
But most likely they will fucking sue you.
>>107037043
technically you can get in law trouble for doing that.
weev went to prison for it, incrementing a URL and exposing shitty security
>>107037043
Have you considered blackmail?
>>107037043
>I've contacted the company to fix this GLARING issue
You just weev'd yourself
>>107038090
Just because you go to the gym doesn't mean you're a roid monster/muscle freak. Simply being fit and being able to use your body to its full potential feels amazing. Not to mention that having a belly or any significant amount of fat on you feels like you're constantly carrying luggage on you that you just can't take off. It's not something a lardass like you would know tho.
>>107037043
>they give me a code for an app
Would have quit right then and there
>>107037043
scrape the data for hot girls
>>107038090
bro i want to lose weight and it helps not being in the house and doing exercises with friends.
>>107037144>be anon>too fat to check heartbeat at carotid, never mind distal pulses >too fat to just exercise without the distraction of niggerteque>these normies take the whole botnet!>I just want a little botnet!>can't have the nsa hearing my encumbered heaving breaths>bitch about botnet spy devices insteadSome of you are so miserable you can't even enjoy the cardio bunnies and getting mired by cougs while using the lat pull down machine...... and the stares from gays when doing glute bridges.
>>107038320
This. OP is a moron.
>>107037043>>>I've contacted the company to fix this GLARING issue.good goythey won't do a thing btw they don't care
enjoy your lawsuit OP