.png)
1 year ago
61 BOOK THIS SPACE FOR AD
ARTICLE ADDiscovering a Hidden Security Loophole: Rent luxury Cars for a Single Dollar
I am excited to share an intriguing security vulnerability that I discovered in a car rental service a few months ago. Leveraging this loophole allowed me to rent any vehicle, for any duration, at a mere cost of 1 inr. In essence, I was able to manipulate the pricing in my shopping cart.
Initially, my primary focus was to understand the operation of the “add to cart” function and what pathway led to the final payment page, subsequently leading to the payment gateway.
The vulnerability was tucked away in a request sent while booking a car. Here’s what the request looked like:
Interestingly, the parameters used encoded strings as values. Despite multiple attempts using various decoders, I was unable to decipher these strings to ascertain their actual content.
A breakthrough came when I thought of replicating a similar request for a product of lesser value, and then using those encoded values corresponding to lower prices for a product of higher value. Essentially, this was an attempt at price parameter tampering.
To my surprise, the approach succeeded. I could manipulate the price with the encoded strings derived from the product with lower prices. The adjusted price was reflected on the payment page, and I managed to book the ride for a nominal fee of just 1 inr. In this case, I used an encoded string that corresponded to an amount of 1 inr.
Pro Tip: Whenever you encounter encoded values, delve deeper into analyzing them and attempt to escalate them. You might stumble upon something fascinating.
Bengali (Bangladesh) · 
English (United States) ·