2024 Ticket Buying Tips

[sadimmock]

26 minutes ago, gherkin8r said:

Sounds sh*t 

No, it’s fine. Lot’s of other interesting festivals and plenty of other things to do. 

[gherkin8r]

6 hours ago, sadimmock said:

No, it’s fine. Lot’s of other interesting festivals and plenty of other things to do. 

Course there are, course there are! 

[The other Bellboy]

On 11/28/2023 at 6:14 AM, parsonjack said:

I tested it yesterday and found it exactly as @UEFdescribes.

Thank you for the other reply and explanation, I wish i had managed to read it and understand it before the local sale as i like others was keen to see what would happen, in the end completely forgot about the local sale and the accommodation one is at 1am for me, so won't be trying it then either.  

[Havors]

On 11/27/2023 at 5:14 PM, parsonjack said:

I tested it yesterday and found it exactly as @UEFdescribes.

Im a bit confused as to what he described. See tickets have fixed the exploit? 

When someone does it what happens? Takes them back to the original pre-holding page page? 

[adele92]

Sorry to be THAT annoying person but I've been reading the most recent comments on here for the past few days but still don't think exactly what the ticket buying trick was. 

 

Can someone fill me in? Just out of curiosity!

 

x

[Suprefan]

8 minutes ago, adele92 said:

Sorry to be THAT annoying person but I've been reading the most recent comments on here for the past few days but still don't think exactly what the ticket buying trick was. 

 

Can someone fill me in? Just out of curiosity!

 

x

There was an old exploit from 10 years ago that surfaced again and a lot of people used it to their advantage. It was fairly simple to do if you followed the instructions. And of course there is rampant use of bots and people who pay somebody to get them tickets, but nobody would ever admit to such tactics even though its probably prevelant.

[Pipine]

One thing that’s occurred to me about that host file loophole is.. how would you know if the server you used was a production booking server and not a test or dev server?  Could you end up buying tickets in a test environment?  I guess not since that didn’t seem to happen in the main sale. 

[incident]

4 minutes ago, Pipine said:

One thing that’s occurred to me about that host file loophole is.. how would you know if the server you used was a production booking server and not a test or dev server?  Could you end up buying tickets in a test environment?  I guess not since that didn’t seem to happen in the main sale. 

The server was (very easily determinable as) one of the servers that was in the live production environment for www.seetickets.com and www.gigsandtours.com (but not glastonbury.seetickets.com) at the time the Glastonbury sale was taking place. Anyone could look up the address for www.seetickets.com during (or just before) the sale to get this information.

So it was fairly safe to assume the server itself was talking to the live Seetickets backend. Though I guess it's certainly possible that the instance of the Glastonbury application on the server was pointed to dev so there was a risk in that aspect.

[parsonjack]

12 hours ago, incident said:

So it was fairly safe to assume the server itself was talking to the live Seetickets backend. Though I guess it's certainly possible that the instance of the Glastonbury application on the server was pointed to dev so there was a risk in that aspect.

I'd like to think that anything other than live would use dummy database records so registration lookups would have failed if that were the case.  Who knows with See though.....

[majormajormajor]

lads, apologies if i'm misunderstanding / out of line, but i like it black and white:

general resale - something like 500,000 attempts every second. probably even wayyy more if people are hitting it hard via several means.

local somerset ticket sale - probably a few hundred attempts every second

what's the technical explanation about the 'patch'? major sale sunday is all hands on deck.

Edited November 30, 2023 by majormajormajor

[UEF]

On 11/29/2023 at 3:52 PM, Havors said:

Im a bit confused as to what he described. See tickets have fixed the exploit? 

When someone does it what happens? Takes them back to the original pre-holding page page? 

At least as far as the local sale went - if you accessed the site with that modification still in place - it sent you to the blue holding page when it wasn't necessary to do so. (Or perhaps diverted you to a server that was itself getting buggered for other reasons). Removing the mod gave pretty much 90% availability on the site to do whatever you wanted. 

 

[M-T]

12 hours ago, UEF said:

At least as far as the local sale went - if you accessed the site with that modification still in place - 

 

The IP circulated in the GA sale? That would make sense. But did anyone try to verify a live mainsite IP and update it?

[hjd]

Always camped but this year getting van tickets as we're taking our son.... 

I'm looking to get in the E20 E21 E23 E 24 fields, what campervan patch do I aim to book for? 

[StoneCircle]

35 minutes ago, hjd said:

Always camped but this year getting van tickets as we're taking our son.... 

I'm looking to get in the E20 E21 E23 E 24 fields, what campervan patch do I aim to book for? 

I have answered this in questions for you. 🙂

[incident]

45 minutes ago, M-T said:

The IP circulated in the GA sale? That would make sense. But did anyone try to verify a live mainsite IP and update it?

None of the 5 usual (31.221.2.*) or the 3 "other" (167.98.233.*) can be accessed directly anymore on glastonbury.seetickets.com.

Changing hosts so that your PC bypasses the load balancer and goes directly to any of them results in (visually) the Busy page, and in the Headers the server returns a 403 Forbidden message.

I've seen enough now to be confident that they've closed off this exploit certainly for today and presumably future sales.

Edited December 1, 2023 by incident

[al_coholic]

5 minutes ago, incident said:

None of the 5 usual (31.221.2.*) or the 3 "other" (167.98.233.*) can be accessed directly anymore on glastonbury.seetickets.com.

Changing hosts so that your PC bypasses the load balancer and goes directly to any of them results in (visually) the Busy page, and in the Headers the server returns a 403 Forbidden message.

I've seen enough now to be confident that they've closed off this exploit certainly for today and presumably future sales.

Will you be testing the theory at 12pm today?

[incident]

1 minute ago, al_coholic said:

Will you be testing the theory at 12pm today?

Nope, I tested it just now. Given the way it's set up (as posted above), I don't believe there's any possible scenario the results will be different.

[Fishman]

See tickets getting sold? 

https://www.ft.com/content/b65bbb4c-44ba-40a7-b9da-3d8531406772

[dizzymoo]

1 hour ago, Fishman said:

See tickets getting sold? 

https://www.ft.com/content/b65bbb4c-44ba-40a7-b9da-3d8531406772

Seems to be behind a paywall so can't read it

[Fishman]

Gah ... it is now. Bugger, I should've copied it.

Basically this .... "Owners of O2 Arena and Hammersmith Apollo enter race for See Tickets" . Vivendi are looking for €300m and Anschutz (O2 arena) & Eventim have put in bids. Live Nation (Ticketmaster) are not expected to bid.

[Fishman]

Found another link ...

https://www.musicbusinessworldwide.com/o2-arena-hammersmith-apollo-owners-aeg-see-tickets/

[dotdash79]

15 hours ago, Fishman said:

Gah ... it is now. Bugger, I should've copied it.

Basically this .... "Owners of O2 Arena and Hammersmith Apollo enter race for See Tickets" . Vivendi are looking for €300m and Anschutz (O2 arena) & Eventim have put in bids. Live Nation (Ticketmaster) are not expected to bid.

do these bidders need to keep hitting F5 to get a buying page?

[Crazyfool01]

everyone ready ? shortcodes in ?