5.5 Low-level logic flaw in Business logic vulnerabilities | 2024


Karthikeyan Nagaraj

This lab doesn’t adequately validate user input. You can exploit a logic flaw in its purchasing workflow to buy items for an unintended price. To solve the lab, buy a “Lightweight l33t leather jacket”.

You can log in to your own account using the following credentials: wiener:peter

1. Click on the “Lightweight l33t leather jacket”.
2. Turn on the proxy, click Add to cart and capture the request.
3. Send it to Repeater and Intruder.
4. Go to Intruder and change the value of the quantity to 99. Then navigate to Payloads, choose Null payloads, set the value to 323, click Resource Pool, click Create a New Resource Pool, set max concurrent requests to 1, and start the attack.
5. After the attack is completed, go to Repeater, change the value of the quantity to 47, and send the request.
6. Now click the Minus button in the cart one time to make it a negative value.
7. After that, add another product to the cart until the total is between 1 and 100. For example, if the total is -1300$ then add a product 60$ * 20 quantity then the total becomes 100$. (Your initial balance will be 100$.) Or you can add some more products to bring the negative value up to a positive value.
8. Click Place order to solve the lab.
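Why the total in the steps above turns negative, and the server-side check that stops it, as an added example that is not part of the original write-up. It assumes the shop keeps the cart total as a signed 32-bit count of cents; the price, the caps and the function names are constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
)

// Constructed sample values (assumptions, not taken from the page).
const (
	jacketCents   int32 = 133700   // unit price in cents
	maxCartQty    int64 = 500      // cap on the aggregate quantity of one item
	maxTotalCents int64 = 10000000 // cap on the order total
)

var ErrCart = errors.New("cart rejected")

// naiveTotal models the assumed flaw: each add-to-cart request is capped,
// but the accumulated total is a signed 32-bit value, so a large enough
// cart wraps around and the total becomes negative.
func naiveTotal(priceCents, qty int32) int32 {
	return priceCents * qty // Go wraps signed overflow (two's complement)
}

// checkedTotal validates the aggregate cart state, not just one request,
// and does the arithmetic in 64 bits so the result cannot wrap.
func checkedTotal(priceCents int32, qty int64) (int64, error) {
	if priceCents <= 0 {
		return 0, fmt.Errorf("%w: invalid price %d", ErrCart, priceCents)
	}
	if qty < 1 || qty > maxCartQty {
		return 0, fmt.Errorf("%w: quantity %d outside 1..%d", ErrCart, qty, maxCartQty)
	}
	total := int64(priceCents) * qty // safe: int32 price times qty <= maxCartQty
	if total > maxTotalCents {
		return 0, fmt.Errorf("%w: total %d exceeds limit", ErrCart, total)
	}
	return total, nil
}

func main() {
	qty := int32(32123) // constructed: many capped adds accumulated in one cart
	fmt.Println("naive total (cents):", naiveTotal(jacketCents, qty))
	_, err := checkedTotal(jacketCents, int64(qty))
	fmt.Println("checked total:", err)
}
```

The check has to run on the cart as a whole at checkout time, because every individual request in the steps stays within the per-request quantity limit.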


Thank you for Reading!

Happy Ethical Hacking ~

Author: Karthikeyan Nagaraj ~ Cyberw1ng
