Hello Dev peeps,
I was on Facebook, scrolling on my News Feed and I came across an Ads regarding an online music web application that was just released. So I decided to visit the website and explored it. There were some free tracks & some premium tracks.
While exploring, something came across my mind, "Is this site really secured ?". This is where my journey started..
I did not know exactly how to proceed but the first step was to examine the website through Google Chrome - DevTools.
So I click on a random premium song to see what is going on in the Network tab in the DevTools.
When clicking on the play icon, I was checking the Network and I found 2 interesting URL,
Eventually I clicked on both URL, The first one redirect me to a JSON formatted webpage where all the data of the particular song were displayed.
Whereas the second URL show only Access denied
After spending sometime analyzing the situation, I said let's figure out a way to download one premium song without buying it.
My guess was that the Music App Developer use a call to action that trigger a PHP script via an API, when a user click the play icon and this script was returning a "content-type: audio/mpeg".
In other words, the URL that was showing Access denied web page cannot be called directly by copying & pasting the URL in your web browser. It should be called by an API.
I used API TESTER to simulate the test and as expected..
I noticed that in the Network tab in the DevTools, there were other parameters sent as Request Header.
After many trials and errors, I was able to simulate it by adding some of those Request Header
And 💥, I got the Response.. BUT in an unexpected format 😖
But it was not a big deal, I clicked on the eye icon on top-right and the premium song open in another tab in my browser and I was able to listen to it freely without having to buy it.
For your info, I got into contact with the Owner of the Online Music Application to report the issue. I don't know if they fixed it yet