3

Hey,, fellow ranters, if you have some free time and want to interact with shitty Korean sites (yes, i am cozyplanes) that support all the way down to IE6, this is the chance for you!

Help me find a school code that is somewhere in the JS,

If you are interested, see comments below, and drop me a line here!

Comments
  • 2
    1. Go to https://stu.sen.go.kr/edusys.jsp/...
    2. Press 학교검색하기 button as shown in pic below
    3. Type in 신천중 and press 검색 in the right side
    4. Now inspect element or some kind of geeky stuff and find a code in the format as following: J100005350
    5. Tell me ^^
  • 0
    To copy korean and u r in the app, head here: https://devrant.com/rants/1555548
  • 1
    I did everything but i can't find a code
  • 1
    @nobes oh ok, thanks anyway

    i heard the code is in the POST request, not sure tho
  • 1
    Ah yes there are two:

    B100000001

    B100000880
  • 0
    @nobes will try
  • 1
    @nobes fuck yes! the second one worked!

    May i know how/where you found it if possible?
  • 1
    @CozyPlanes The post answer is in json Format. and you can find it under resultSVO->orgDVOList->Then the first one->orgCode
  • 2
    @nobes after dealing with the customer service and dealing with the development team that this isn't confidential when it is exposed to the public with a bit of interacting with developer tools

    they sent me a excel file which has all the school code in seoul, roughly 100mbs
  • 0
    @Bitwise That’s like the time I worked for this company who had an employee form in their web portal. It displayed all of your info in the form, including a drop down for your reporting manager. Because employees should be able to change their address and stuff but not, say, their reporting manager or department they worked in, they simply disabled the inputs and drop downs. Editing the html in dev tools, deleting disabled=“disabled” and selecting myself as a reporting manager (the drop down listed every single employee), then hitting submit actually worked.

    Hiding things on the frontend != secure
Add Comment