.png)
9 months ago
78 BOOK THIS SPACE FOR AD
ARTICLE ADThis lab’s purchasing flow contains a race condition that enables you to purchase items for an unintended price. To solve the lab, successfully purchase a Lightweight L33t Leather Jacket. You can log into your account with the following credentials: wiener:peter | Karthikeyan Nagaraj
This lab’s purchasing flow contains a race condition that enables you to purchase items for an unintended price.
To solve the lab, successfully purchase a Lightweight L33t Leather Jacket.
You can log into your account with the following credentials: wiener:peter.
Log in to your Account with wiener:peterTurn on the Proxy On and Turn on the Intercept.Now, try to add a gift card to the cart and buy it.In Burp’s http history send the POST /cart Request and POST /cart/checkout Request to the Repeater.Right-click a tab and add it to a group.Then try to send the group request in Parallel, if you see an error for HTTP versions — then try to send the /cart request as a single request or By adding HTTP/2. (See the Above video for Reference)Now, again send the POST /cart Request and POST /cart/checkout Request to the Repeater. But change the value of product ID to 1 in /cart.So now we should have 4 requests in the repeater, make sure the 4 requests are in the same tab like/cart , /cart/checkout, /cart, /cart/checkoutNow remove the items in the cart and send the request in parallel.Do this continuously until the jacket is purchased. Then the lab will be solved.
A YouTube Channel for Cybersecurity Lab’s Poc and Write-ups
Telegram Channel for Free Ethical Hacking Dumps
Thank you for Reading!
Happy Ethical Hacking ~
Author: Karthikeyan Nagaraj ~ Cyberw1ng
Bengali (Bangladesh) · 
English (United States) ·