Sisupoika
December 4th, 2007, 08:56 AM
Am not sure if we could really classify this one as a "security issue", anyway...
I have recently purchased a license of their excellent Burning Studio, and found almost by case something pretty funny about their website.
The page
http://www2.ashampoo.com/webcache/html/1/muao_2_0.htm
is supposed to be accessible only to customers who have already purchased some software from them and therefore can get to that page from their "My Ashampoo" page, or through the newsletters they will receive following a purchase already made. That page allows you to make an offer for any of their products (one item per time) and if they accept your offer that software will be yours for as much as you have offered to pay.
The funny and interesting thing is that not only is that page, instead, accessible -with no restrictions whatsoever at all- to all Internet users, even those who have never even heard of Ashampoo software.
More interestingly, the code which checks the offer is simple Javascript.
This means that if you disable Javascript in your browser, as well as most likely many of us here do, you can make offers of as little as 1 for whatever products you want to purchase from them. It'll work just fine :D
Taking into consideration that
- It is one's right to disable Javascript in one's browser
- That page is unrestricted (which is Ashampoo's fault I guess)
This trick is a perfectly legal way to get various software (some of which pretty good - Burning Studio for example) for free. Or almost :D
I would suggest you to buy in Euros, provided that 1 euro is ..cheaper than 1 USD/GBP.
To do so, just select the French flag (or German/Spanish) before proceeding with your purchase.
Happy shopping fellows!
I have recently purchased a license of their excellent Burning Studio, and found almost by case something pretty funny about their website.
The page
http://www2.ashampoo.com/webcache/html/1/muao_2_0.htm
is supposed to be accessible only to customers who have already purchased some software from them and therefore can get to that page from their "My Ashampoo" page, or through the newsletters they will receive following a purchase already made. That page allows you to make an offer for any of their products (one item per time) and if they accept your offer that software will be yours for as much as you have offered to pay.
The funny and interesting thing is that not only is that page, instead, accessible -with no restrictions whatsoever at all- to all Internet users, even those who have never even heard of Ashampoo software.
More interestingly, the code which checks the offer is simple Javascript.
This means that if you disable Javascript in your browser, as well as most likely many of us here do, you can make offers of as little as 1 for whatever products you want to purchase from them. It'll work just fine :D
Taking into consideration that
- It is one's right to disable Javascript in one's browser
- That page is unrestricted (which is Ashampoo's fault I guess)
This trick is a perfectly legal way to get various software (some of which pretty good - Burning Studio for example) for free. Or almost :D
I would suggest you to buy in Euros, provided that 1 euro is ..cheaper than 1 USD/GBP.
To do so, just select the French flag (or German/Spanish) before proceeding with your purchase.
Happy shopping fellows!