Fredrick Diggle Security is proud to disclose a new denial of service attack against Starbucks coffee and biscuity goodness. Other retailers are also affected by this critical vulnerability but do not provide as critical a service and therefore are not enumerated in this disclosure. The attack was initially suggested to Fredrick Diggle Security by Robert Hansen (RSnake) at last year's furry convention in Madrid. The exploit takes advantage of a retailer's queued nature and the fact that a single malicious client can effectively deny service to all other coffee seekers.
A Starbucks has a limited number of registers where orders can be taken. If the attacker is able to attach clients to each of these registers, no legitimate clients will be able to successfully complete transactions. This disclosure will present several attack strategies which can be used individually or in parallel with other techniques to effectively shut down a Starbucks coffee house.

- Order an infinite number of items individually and very slowly (this method works best when ordering items that require the cashier to perform time-consuming actions away from the register, for example complex coffee-based drinks or hot food items that must be microwaved). For this attack it is important that you use at least as many clients as there are registers in the store.
- Using one client per register, feign indecisiveness and insist that you were there first and people can't queue jump. This is also very effective when combined with the first attack (for example, order a time-consuming beverage or food item after much thought, and then when it is almost prepared change your mind and sit on the fence for a few minutes before ordering another).
- Use a large number of malicious clients to fill the building to a point where it is uncomfortable for legitimate clients. Typically, enough clients to fill the store to standing room only, all queuing and performing the first or second attack, is sufficient.

Fredrick Diggle Security hopes that Starbucks takes immediate action to remediate these vulnerabilities, as they present an unacceptable level of risk that Fredrick Diggle will be unable to get his coffee fix.

Fredrick Diggle would like to specifically thank RSnake for his insight and incredible work in resource exhaustion and cross-site scripting attacks.

It is the opinion of Fredrick Diggle Security that if you can't break into the server you might as well make it so no one else can either. YAY!