Or, assuming the app scanning the QR code itself has poor input sanitization (a very good assumption, btw), a specially crafted string could exploit the app itself.
It would be cool to fuzz the hell out of it and see what we can do. Maybe find a cheat code.
Or, assuming the app scanning the QR code itself has poor input sanitization (a very good assumption, btw), a specially crafted string could exploit the app itself.
It would be cool to fuzz the hell out of it and see what we can do. Maybe find a cheat code.
Will try to find the APK, I'm Alberta. Ontario is doing the same, we should find collaborators to try to break this thing.