• @[email protected]
      link
      fedilink
      English
      0
      edit-2
      4 months ago

      Hint – by manipulating or exploiting its code

      Which I am explaining, they…did…not…do…

      They did nothing to the code. They didn’t break the code, they didn’t cause the code to do anything it wasn’t designed to do. They did not exploit any code. They used an API endpoint that was in the open. For its intended purpose, to verify phone numbers. The api verified phone numbers, they verified phone numbers with the api. The only thing they did here…was they did verification on a lot of phone numbers.

      • @[email protected]
        link
        fedilink
        English
        44 months ago

        They absolutely exploited unintended functionality. If this was intended, they wouldn’t have added rate limiting and locked down the api after. It was clear to say this was certainly not an intended use of the api.

        In a video game for example, if there is a an item that caused excessive lagging just by placing the item. Placing a lot of them with the intent to lag the game would be an exploit. They only used items sanctioned by the game, but for unintended reasons and they would likely be banned for exploitation.

      • lazynooblet
        link
        fedilink
        English
        24 months ago

        You’re arguing with someone who was agreeing with you 😑