Maia Arson Crimew "how to completely own an airline in 3 easy steps and grab the TSA nofly list along the way"


Maia Arson Crimew's "No-Fly List" Leak


![step 2: how much access do we have really? ok but let's not get too excited too quickly. just because we have found a funky jenkins server doesn't mean we'll have access to much more than build logs. it quickly turns out that while we don't have anonymous admin access (yes that's quite frequently the case [god i love jenkins]), we do have access to build workspaces. this means we get to see the repositories that were built for each one of the ~70 build jobs. step 3: let's dig in. most of the projects here seem to be fairly small spring boot projects. the standardized project layout and extensive use of the resources directory for configuration files will be very useful in this whole endeavour. the very first project i decide to look at in more detail is something about "ACARS incoming", since ive heard the term acars before, and it sounds spicy. a quick look at the resource directory reveals a file called application-prod.properties (same also for -dev and -uat). it couldn't just be that easy now, could it? well, it sure is! two minutes after finding said file im staring at filezilla connected to a navtech sftp server filled with incoming and outgoing ACARS messages. this aviation s--- really do get serious. [emote: this aviation s--- get serious] [screenshot: FileZilla remote site /ForNavtech/ACARS IN, file listing with columns Filename, Filesize, Filetype, Last modified, Permission, Owner/Group; total size 3.581.552 bytes]](https://i.kym-cdn.com/photos/images/masonry/002/518/594/7bf.png)


Maia Arson Crimew Website Homepage