This lab has a logic flaw in its purchasing workflow. To solve the lab, exploit this flaw to buy a “Lightweight l33t leather jacket”.
You can log in to your own account using the following credentials: wiener:peter
Log in to your account using wiener:peter, turn on the Proxy and turn off Intercept.
Add the gift card to the cart, add the coupon SIGNUP30, click Apply and place the order.
Upon placing the order, you'll receive a gift card code. Add that code to the Gift Card page and click Redeem.
You'll get $10 back, including $3 profit.
Now, we have to automate the process until we reach an amount that buys the jacket.
To do that, go to Project Options,
Click Add,
Navigate to Scope,
Select Include All URLs,
Navigate to the Details pane,
In Rule Actions, click Add, and choose Run a Macro.
Now, click Add, choose the following URLs, and click OK:
/cart
/cart/coupon
/cart/checkout
/cart/order-confirmation?order-confirmation=true
/gift-card
After that, click /cart/order-confirmation?order-confirmation=true,
Click Configure,
Click Add,
Add the Parameter name as gift-card,
Select the value in the response and click OK.
Select /gift-card, click Configure, select Derive from prior response and click OK.
Finally, click Test Macro to test whether the macro is working or not.
Then, go to HTTP history and send the /My-Account request to Intruder,
Choose session as payload,
Go to the Payloads tab, choose Null payloads, and set Generate to 412.
Finally, go to Resource Pool, click Create new resource pool, set Maximum concurrent requests to 1, and start the attack.
After the attack is completed, check whether you have enough money to buy the jacket. If not, you can start the attack again; otherwise, buy the jacket to solve the lab.
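Why this loop creates money, and what the shop would have to enforce to stop it, is easier to see in a small model of the purchasing workflow. The following is an added example written for this write-up, not the lab's own code: the $10 gift card value and the 30% SIGNUP30 coupon come from the steps above, while the `Store` class, its method names and the `allow_coupon_on_gift_cards` switch are constructed for illustration. The flawed configuration credits the redeemed card at face value even though the coupon reduced what was paid, so every buy-and-redeem cycle nets $3; the hardened configuration rejects the coupon on gift card line items server-side, so the cycle cannot be started.

```python
"""Model of the gift-card / coupon logic flaw and a hardened variant.

Constructed example for illustration; not the lab's source code.
"""
from dataclasses import dataclass, field
from typing import Dict, Optional
import secrets

GIFT_CARD_PRICE = 10          # face value of one gift card ($10, as in the write-up)
COUPONS = {"SIGNUP30": 30}    # coupon code -> percentage discount (from the write-up)


@dataclass
class Store:
    balance: int                          # customer's store credit
    allow_coupon_on_gift_cards: bool      # True reproduces the flawed workflow
    _issued: Dict[str, int] = field(default_factory=dict)  # unredeemed code -> value

    def checkout_gift_card(self, coupon: Optional[str] = None) -> str:
        """Buy one gift card, optionally with a coupon, and return its code."""
        price = GIFT_CARD_PRICE
        if coupon is not None:
            if not self.allow_coupon_on_gift_cards:
                # Hardened rule: discounts never apply to store-credit products.
                raise ValueError("coupons cannot be applied to gift card purchases")
            price = price * (100 - COUPONS[coupon]) // 100   # 10 * 70 // 100 == 7
        if self.balance < price:
            raise ValueError("insufficient store credit")
        self.balance -= price
        code = secrets.token_hex(8)
        # The flaw: the card is always worth face value, regardless of what was paid.
        self._issued[code] = GIFT_CARD_PRICE
        return code

    def redeem(self, code: str) -> int:
        """Redeem a code once; KeyError on an unknown or already-used code."""
        value = self._issued.pop(code)
        self.balance += value
        return value


def flawed_cycle_profit() -> int:
    """Net credit change from one buy-with-coupon + redeem cycle on the flawed store."""
    store = Store(balance=GIFT_CARD_PRICE, allow_coupon_on_gift_cards=True)
    before = store.balance
    store.redeem(store.checkout_gift_card("SIGNUP30"))
    return store.balance - before          # 7 spent, 10 credited -> +3


def credit_after_cycles(start: int, cycles: int) -> int:
    """Credit after repeating the cycle `cycles` times, as the Intruder run does."""
    store = Store(balance=start, allow_coupon_on_gift_cards=True)
    for _ in range(cycles):
        store.redeem(store.checkout_gift_card("SIGNUP30"))
    return store.balance


def hardened_rejects_coupon() -> bool:
    """True if the hardened store refuses to start the cycle at all."""
    store = Store(balance=GIFT_CARD_PRICE, allow_coupon_on_gift_cards=False)
    try:
        store.checkout_gift_card("SIGNUP30")
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print("profit per cycle (flawed):", flawed_cycle_profit())
    print("credit after 412 cycles from $10:", credit_after_cycles(10, 412))
    print("hardened store rejects coupon:", hardened_rejects_coupon())
```

The defensive point is that the two halves of the workflow are individually correct (a 30% coupon and a $10 gift card) and the money only appears when they are combined, so the check has to live in the server-side checkout logic, not in the client or the coupon form. Either rule closes the gap: refuse coupons on store-credit products, as modelled here, or issue gift cards worth only the amount actually paid. A sudden run of several hundred identical gift card orders from one session, with balance climbing rather than falling, is also the kind of pattern worth alerting on.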
Thank you for Reading!
Happy Ethical Hacking ~
Author: Karthikeyan Nagaraj ~ Cyberw1ng