Hacker Exploits Claude AI to Obtain Complimentary Tickets for Almost All US Concerts


A significant and unverified SQL injection vulnerability has been identified in Front Gate Tickets (FGT), a subsidiary of Live Nation/Ticketmaster, which facilitates the ticketing framework for prominent U.S. festivals such as EDC, Bonnaroo, and Outside Lands.

Exploiting the flaw, with help from Anthropic’s Claude AI model, gave complete administrative control of the platform.

Researcher Ian Carroll observed that a multitude of major U.S. festivals utilized a limited number of antiquated FGT domains for their ticketing needs.

While fuzzing the fgtapi.frontgatetickets.com API with the ffuf tool, the researcher found that any endpoint path containing the term “device” returned a distinct error demanding a deviceUID parameter, exposing unauthenticated middleware associated with on-site scanners and box-office technology.

Further examination demonstrated that a deviceUID value of 12345 was successful; however, appending a single quote caused the request to stall, indicating the parameter was concatenated directly into an unfiltered SQL query.

Bypassing the WAF with Claude

Despite the endpoint’s placement behind an AWS Web Application Firewall, traditional tools such as sqlmap struggled to exploit the vulnerability.

Subsequently, the researcher utilized Claude Code with the Opus model, which uncovered that the WAF merely scrutinized the outermost layer of input. As a result, injection payloads nested within a derived subquery eluded detection.

As the endpoint did not return direct query output, Claude devised a boolean-based blind SQL injection that exploits a MySQL quirk: adding a non-numeric string such as 'x' to a number coerces the string to zero.

Payloads such as deviceUID = x'+(SELECT CASE WHEN THEN 1 ELSE 0 END)-- - were crafted so that the response alternated between two genuine device identifiers (“MC70-023” for true and “Intellitix Upload” for false), forming a reliable oracle for extracting data one bit at a time.
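An added illustration, not the researcher's code or FGT's: the concatenation pattern the article describes beside a hardened lookup and a log check, run on a constructed SQLite table (SQLite coerces 'x' to 0 in arithmetic the way the article says MySQL does; the table, device names and log format are assumptions).

```python
import re
import sqlite3
from urllib.parse import parse_qs, urlsplit

# Constructed sample data standing in for the device table; not FGT's real schema.
conn = sqlite3.connect(":memory:")
conn.execute("CREATE TABLE device (id INTEGER PRIMARY KEY, uid INTEGER, name TEXT)")
conn.executemany("INSERT INTO device (uid, name) VALUES (?, ?)",
                 [(0, "Intellitix Upload"), (1, "MC70-023"), (12345, "Box Office 1")])

def lookup_vulnerable(device_uid: str):
    """The pattern the article describes: the parameter is pasted into the SQL text.
    A stray quote breaks the statement, and 'x'+1 style arithmetic is evaluated
    by the database, so the input can steer which row comes back."""
    sql = f"SELECT name FROM device WHERE uid = '{device_uid}' LIMIT 1"
    row = conn.execute(sql).fetchone()
    return row[0] if row else None

DEVICE_UID_RE = re.compile(r"[0-9]{1,10}")  # assumed format: numeric UIDs only

def lookup_hardened(device_uid: str):
    """Hardened form: allowlist validation, then a bound parameter, never string-built SQL."""
    if not DEVICE_UID_RE.fullmatch(device_uid):
        raise ValueError("invalid deviceUID")
    row = conn.execute("SELECT name FROM device WHERE uid = ? LIMIT 1",
                       (int(device_uid),)).fetchone()
    return row[0] if row else None

def flag_device_requests(access_log: str):
    """Detection: return request lines whose deviceUID is not a plain number.
    Checks the decoded value itself, so quote probes and nested subqueries are
    caught however they are wrapped (the layer the WAF reportedly did not inspect)."""
    hits = []
    for line in access_log.splitlines():
        parts = line.split()  # constructed format: method path status
        if len(parts) < 2:
            continue
        for value in parse_qs(urlsplit(parts[1]).query).get("deviceUID", []):
            if not DEVICE_UID_RE.fullmatch(value):
                hits.append(line)
    return hits

# Constructed sample access log; the value shapes mirror those the article describes.
SAMPLE_LOG = """\
GET /device/status?deviceUID=12345 200
GET /device/status?deviceUID=12345' 500
GET /device/status?deviceUID=x'%2B(SELECT%201)--%20- 200
GET /device/status?deviceUID=678 200"""
```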

The underlying fgs database comprised over 500 tables, encompassing sensitive information such as staff credentials, customer records, and live authentication tokens.

Table                    Sensitive fields exposed
FGS_USER                 Email, passcode, passcode2, permissions JSON
PERSON                   Email, passcode, reset token
RESET_TOKEN / API_TOKEN  Active, redeemable session and OAuth tokens

By reading a live entry from the RESET_TOKEN table after triggering a password reset, the researcher took over an administrator account without knowing its password, gaining full write access to every festival on the platform, including inventory, pricing, and checkout systems.

With such elevated access, an attacker could issue limitless complimentary “comp” tickets for any festival, peruse customer order databases at will (with a search for “chris” yielding thousands of records), and read or redeem password reset tokens to compromise staff and customer accounts throughout the platform.

The researcher refrained from exfiltrating bulk data, stating that the demonstration was complete once control over festivals such as EDC and Bonnaroo had been obtained from a single unauthorized GET request.

Remarkably, Front Gate Tickets and Live Nation had no publicly listed security contact, so the researcher had to guess a valid disclosure email address.

The vendor reportedly addressed the vulnerability swiftly and indicated that a bug bounty program would be launched imminently.

This incident highlights a burgeoning trend in AI-supported vulnerability research, wherein advanced language models like Claude can autonomously reverse-engineer WAF logic and formulate multi-stage blind injection exploits with minimal human intervention.


This phenomenon mirrors Anthropic’s own disclosures of AI-driven attacks and independent evaluations demonstrating AI agents successfully exploiting SQL injection vulnerabilities without explicit hacking directives.

The legacy ticketing infrastructure, which handles both consumer transactions and physical box office operations, remains an alluring target due to the vast array of personal and financial data involved.

Source link: Cybersecuritynews.com.


Reported By

Neil Hemmings
