Techly NewsGet the app

Get the latest tech news

Reverse engineering Ticketmaster's rotating barcodes


“Screenshots won’t get you in”, but Chrome DevTools will. Click here to skip the rant and go straight to the nerdy stuff. I recently purchased tickets to a concert from TicketMaster. If they had issue

Upon some further investigation into TicketMaster’s minified website source code, in a file called presence-secure-entry.js, I found the actual function the web-app uses to generate barcode data, which is labeled generateSignedToken. The minification makes it a bit harder to read, but it seems like ek and ck probably refer to the eventKey and customerKey respectively, while the bearer token t is referenced as rawToken in the above code. Quite hilariously, TicketMaster actually makes token-extraction easy on us: The token is logged to the browser console automatically when the barcode renderer component is mounted on the web page.

Get the Android app

Or read this on Hacker News

« Broadcom Sells $5 Billion of Bonds to Refinance VMware Loan
“Bullshit jobs” is a terrible, curiosity-killing concept »