Jump to content
  • Sign Up!

    Join our friendly community of music lovers and be part of the fun 😎

Ticket tips and Tricks for 2025 festival


Crazyfool01

Recommended Posts

Just now, Crazyfool01 said:

so im presuming if they have 3 servers in operation and a 4th that is a standby then as soon as that server is being asked to process 1/4 or more of the sales then the advantage is gone ? would that server be able to potentially handle things at a quicker rate or not be limited in numbers that it was able to process like the others that seem to handle at a set speed ? Are there other ways that people might be attempting to get round this ? just as soon as a hack is discovered they might be attempting to find the next one 

 

They had 5 servers in operation serving Glastonbury traffic. There was 3 servers not serving Glastonbury traffic, that could have been exploited in this way (though from what I saw the "instructions" circulated only focussed on one of them).

 

But trying to work out a percentage from that is pointless as it doesn't tell the story.

 

Firstly, the "legitimate" 5 servers were behind a load balancer, and so each server never actually saw the real volume of traffic and so didn't get affected by it. Secondly because I don't believe that the 3 "other" servers are capable of handling the same volume as the 5 main ones - so they'll fall over with a much lower volume of traffic hitting them.

 

The fix See have put in place, essentially, makes it so that any connection that hasn't gone via the load balancer now automatically gets rejected, meaning that something using this technique can't happen again (unless See were to deliberately set up a server without that protection, which surely even they wouldn't do).

  • Thanks 1
Link to comment
Share on other sites

16 hours ago, incident said:

The fix See have put in place, essentially, makes it so that any connection that hasn't gone via the load balancer now automatically gets rejected, meaning that something using this technique can't happen again (unless See were to deliberately set up a server without that protection, which surely even they wouldn't do).


It’s easy for me to believe they have intentional holes for personal use. People are saying this exploit was around for years. There was a similar one found I think in 2011. So I won’t be surprised to find out there is a new one. But how many will know about it? 

Link to comment
Share on other sites

So something I noticed during the Oasis sale has led me to believe that my ISP was behaving strangely, and this has been followed up by being blocked by twickets on my ISP, if I switch to another service provider (we have 2 internet connections in the house) or to mobile it works fine, but switch back I get a 403 error from the server. 
 

I suspect the way that carrier grade nat has been set up means the pool of IP addresses it uses is small or it’s mis-configured. I’ve just bought myself a dedicated IP address for the sale. 

Link to comment
Share on other sites

On 9/3/2024 at 10:30 AM, incident said:

 

I'm not doubting that it could be shared.

 

But if it did become widely used, then very quickly the servers involved would become overloaded just as much (potentially more) than the main site given they're the backup ones not configured to deal with heavy load.

 

The servers did get overloaded. I know of someone who routed out to the 'quieter' / non-Glastonbury servers, had been told it would be instant or take a couple of minutes, it took over 20 mins before they got to the registration / postcode page. Id say you're well into 5 figures, not just a few thousand.

 

 

Edited by Peter_Quaife
Link to comment
Share on other sites

  • 2 weeks later...

so ive been reading a bit on reditt and there seems to be have been some hack that helped people gain tickets .... is there anyone on here that could talk me through how to do it in a simpletons language ? ..... id like to be fully able to utilise the options available ... even if there is some kind of block in place now , might also help some other users on here 

Link to comment
Share on other sites

2 hours ago, WorthyCow said:

so ive been reading a bit on reditt and there seems to be have been some hack that helped people gain tickets .... is there anyone on here that could talk me through how to do it in a simpletons language ? ..... id like to be fully able to utilise the options available ... even if there is some kind of block in place now , might also help some other users on here 

 

As they closed the exploit used in the general sale for the resale, someone taking you through it would stop you from successfully getting tickets, not help. But regardless the details are both in this thread and last years thread here of a similar title. 

 

If there is a new exploit discovered, please know that no one here that benefited from the exploit shared it until after the fact, so you should not count on Reddit or here or anywhere else to help with that based on past behavior, unfortunately. 

 

One community went so far as to ban words describing it, so only the mods there could benefit and not the users. 

  • Upvote 1
Link to comment
Share on other sites

6 minutes ago, assorted said:

 

As they closed the exploit used in the general sale for the resale, someone taking you through it would stop you from successfully getting tickets, not help. But regardless the details are both in this thread and last years thread here of a similar title. 

 

If there is a new exploit discovered, please know that no one here that benefited from the exploit shared it until after the fact, so you should not count on Reddit or here or anywhere else to help with that based on past behavior, unfortunately. 

 

One community went so far as to ban words describing it, so only the mods there could benefit and not the users. 

ive had a decent browse but cant find the steps that id have to take in a technical manner , like what would I need to do on my laptop to enable me to be able to go to the unused server ?  id probably use it as a backup if I wasnt getting somewhere on another machine if that makes sense .... id just like to have as many options open as possible 

Link to comment
Share on other sites

3 minutes ago, WorthyCow said:

ive had a decent browse but cant find the steps that id have to take in a technical manner , like what would I need to do on my laptop to enable me to be able to go to the unused server ?  id probably use it as a backup if I wasnt getting somewhere on another machine if that makes sense .... id just like to have as many options open as possible 

 

Again, you don't have it as an option. They've (fairly comprehensively) closed that door so it's a waste of time talking you through it.

Edited by incident
Link to comment
Share on other sites

50 minutes ago, Gnomicide said:

Just had an anonymous tip that main sale is 17th November. It's not someone I've had info from before so I can't swear by it.

 

It makes sense, it's the same calendar week as last year.

 

Ticket sale just as we're all hunkering down for the long winter stretch, with Christmas looming. 

 

I think my seasonal adjustment disorder is starting to kick in 😞 

Link to comment
Share on other sites

1 hour ago, Gnomicide said:

Just had an anonymous tip that main sale is 17th November. It's not someone I've had info from before so I can't swear by it.

Wait you're saying that so everyone plans for that date then you are all ready for the real date and you can just grab tickets easily.

 

I like your work.

Link to comment
Share on other sites

3 minutes ago, Ayrshire Chris said:

IMG_1697.gif.1b14edc0fc526e8ec7aeeee94c5da74b.gif

 

 

 

hahaha remember to have your kango on slow mode - more than 60 bangs a minute and you are in trouble! 

Link to comment
Share on other sites

4 minutes ago, Aragorn said:

Presume you know someone who works at See?

 

Not anymore - but I have done in the past and know how their systems work, and so can deduce the above with confidence from the outside.

Link to comment
Share on other sites

19 hours ago, incident said:

 

Again, you don't have it as an option. They've (fairly comprehensively) closed that door so it's a waste of time talking you through it.

Was it not reopened after being shut down initially when it was discovered on here ? Or was it never closed off ? 

Link to comment
Share on other sites

Just now, Crazyfool01 said:

Was it not reopened after being shut down initially when it was discovered on here ? Or was it never closed off ? 

 

There was something a few years earlier that stopped working but I believe that was because the servers in question were no longer (publicly?) available rather than See actively fixing the underlying way the exploit works - hence once other servers were later identified people were able to use the exact same technique.

 

Last year, between the Main Sale and the Accomodation Sale, See fixed this particular hole in such a way that I'm confident something of that nature can't occur again - unless of course either See deliberately remove the protection they put in place (which would be an astonishingly dumb thing to do), or they made a change that inadvertently/unexpectedly reopens the hole (which we can't rule out but there's no sign of happening so far).

 

I know some people will think "well they could also leave a hole deliberately for themselves" - but probably not, as the people capable of doing that would be the same ones who already have deep enough access that they've got no need of a public facing hole. They'd already be able to get all the tickets they wanted without needing to do something public facing that could risk getting exposed / questions asked.

  • Thanks 1
Link to comment
Share on other sites

19 hours ago, incident said:

 

Again, you don't have it as an option. They've (fairly comprehensively) closed that door so it's a waste of time talking you through it.

 

13 minutes ago, incident said:

 

Not anymore - but I have done in the past and know how their systems work, and so can deduce the above with confidence from the outside.

 

11 minutes ago, Crazyfool01 said:

Was it not reopened after being shut down initially when it was discovered on here ? Or was it never closed off ? 

are you suggesting that the above comments are just a ruse to throw us off the scent? 🤣🤣🤣

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...