In this article I will show you my Video Proof of Concept for the Logical Vulnerability that I found in Cydia back in January this year. This vulnerability allows any malicious user to buy any paid tweaks for free. This issue was not reported to Cydia.
First, You need to have a PayPal account with a balance of -1 or higher (any negative number except for 0).
Why (- [negative]) number? base on my research, Cydia accepts any amount except from (0) whether is it a negative or not.
Proof of Concept:
Below is the Video PoC of the issue.
Few months ago, I posted a tweet on my twitter account about this issue and a Bugcrowd staff named Kymberlee shoot me an email about the issue asking me if the vulnerability was on Cydia or iOS. I told her that the issue is on Cydia and I told her not to report the issue that time since Cydia is from underground.
This issue was not reported to Cydia and still can be exploited for good stuffs.
I hope you enjoy this article.
Evan / Invalid Web Security
Without a struggle, there can be no progress.
- Frederick Douglass