BUSINESS LOGIC FLAW – Insufficient Account Validation

Hello Hackers,

Let’s read a cybersecurity blog…

Today, I will discuss a recent bug that I found a few days back in a private program, so I cannot disclose the name of the program; let’s call it “redacted.com”. As you have read, the title of the blog is Business Logic Bug, so let’s first talk about…

WHAT ARE BUSINESS LOGIC FLAWS?

Functionality in a web application is implemented to perform some specific behavior or activity. When an attacker exploits that functionality to make it do something unintended, the vulnerability is called a business logic flaw, and it may cause financial loss to the company.




So, I was surfing the website and exploring all its features: how it works, requests, responses, etc. I found something weird: the user information could be changed while the user was logged out of their account.

STEP 1:

First, go to the profile section and edit the profile. Once you have edited the information you want to change, turn on interception in Burp Suite before hitting the save button, so that it captures the request that saves the edited information.

STEP 2:

Send this request to Repeater and forward the request; you will find that the details were changed. Now we have the request that produced the earlier response, so what we need to do next is log the user out of the account.




STEP 3:

Once the user is logged out, go to the Repeater tab in Burp Suite, where you have the request that was used to save the edited information. Now edit any of the information there and send it. I edited the phone number; the user is still logged out, and we just have the request body.

Earlier phone number (+91xxxxxx5970) -> Changed phone number (+91xxxxxx2653)

STEP 4:

Now log in as the same user and visit the profile page. If you see the edited information, boom! You have successfully exploited the vulnerability.

So what happened was that the server was not able to manage the cookies and cache properly: the session was not expired at logout, and that’s the reason an attacker was able to edit the user information after the user had logged out.
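
The fix for this class of bug is to revoke the session on the server at logout, not only clear the cookie in the browser. The sketch below is an added example, not code from redacted.com: it is a constructed in-memory model with hypothetical names (`ProfileApp`, `replay_after_logout`) and made-up phone numbers, and it assumes the saved request carried a session token that stayed valid server-side after logout.

```python
import secrets

class ProfileApp:
    """Constructed in-memory model of a profile API (hypothetical names)."""

    def __init__(self, revoke_on_logout):
        self.revoke_on_logout = revoke_on_logout
        self.sessions = {}   # server-side table: session token -> user id
        self.phones = {}     # user id -> phone number

    def login(self, user_id):
        token = secrets.token_urlsafe(32)
        self.sessions[token] = user_id
        return token

    def logout(self, token):
        # Weak variant: the browser is told to drop the cookie, but the
        # server-side record stays valid, so a saved request still works.
        if self.revoke_on_logout:
            self.sessions.pop(token, None)
        return {"Set-Cookie": "session=; Max-Age=0; Path=/"}

    def update_phone(self, token, phone):
        user_id = self.sessions.get(token)
        if user_id is None:
            return 401       # unknown or revoked session
        self.phones[user_id] = phone
        return 200


def replay_after_logout(revoke_on_logout):
    """Regression check: save a profile edit, log out, resend the saved request."""
    app = ProfileApp(revoke_on_logout)
    token = app.login("user-1")
    app.update_phone(token, "+10000000001")            # legitimate edit (constructed value)
    app.logout(token)
    status = app.update_phone(token, "+10000000002")   # same request, sent after logout
    return status, app.phones["user-1"]


if __name__ == "__main__":
    print("logout without server-side revocation:", replay_after_logout(False))
    print("logout with server-side revocation:   ", replay_after_logout(True))
```

The same check works as an integration test against a real application: any state-changing request captured before logout should return 401 when resent afterwards.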

That’s all for the day, and sorry for the long delay, guys…

BYE, for Now, meet you in my next interesting blog.

HAPPY HACKING !!!
