Episode 19: Audit Code, Earn Bounties (Part 2) + Zip-Snip, Sitecore, and more!

Critical Thinking - Bug Bounty Podcast

How to Bypass Auth in a Mailing List

Shub finds a way to bypass the is authenticated check. He then looks into how that functionality is created, and I love this. This is such a great hack, dude. The stars have aligned, like, it's amazing. That's how it always feels, you know, with these things is like, wow, look at this. You know, alignment, phenomenal. So really, just to review really quickly here, what Shub does is he looks through the routes, how the application is routing, expands his scope by getting access to this API slash Sitecore. And then being able to define the controller in the actions audits the code in the controller that is in the actions.

Play episode from 47:43