
Client-Side Price Manipulation: Pay Whatever You Want at Checkout

DEV Community·Oopssec Store·22 days ago
#lab #security #nextjs #webdev #total #server

Exploiting a server-side validation failure in OopsSec Store's checkout process to purchase products at arbitrary prices. OopsSec Store's checkout sends the order total straight from the browser. The server saves whatever it receives without recalculating from actual product prices. Change it to a penny, the order goes through at a penny.

Lab setup

From an empty directory:

    npx create-oss-store oss-store
    cd oss-store
    npm start

Or with Docker (no Node.js required):

    docker run -p 3000:3000 leogra/oss-oopssec-store

The app runs at http://localhost:3000.

Vulnerability overview

When you buy something on OopsSec Store, the browser sends a POST to /api/orders with the cart items and a total field. That total is calculated by frontend JavaScript. The server takes it at face value and creates the order. The product prices are in the database. The server could look them up and do the math itself. It doesn't.…
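As an added example (not the article's or OopsSec Store's code), a Node.js sketch of the two shapes the /api/orders handler described above can take: the vulnerable one stores the browser-computed total, the hardened one recomputes it from server-held prices and treats the client's figure only as a signal worth logging. The catalog, product ids and request body are constructed for this illustration; prices are kept in integer cents so the recomputation never drifts on floating point.

```javascript
// Constructed server-side catalog (prices in integer cents to avoid float drift).
// Not OopsSec Store's data; it stands in for the prices the server holds in its database.
const CATALOG = new Map([
  ["sku-hoodie", 4999],
  ["sku-sticker", 299],
]);

// Vulnerable shape of POST /api/orders: the browser-computed `total` is stored as-is.
function createOrderVulnerable(body) {
  return { items: body.items, total: body.total, status: "created" };
}

// Hardened shape: the total is recomputed from server-side prices. The client's
// `total` is never used for the order; it is only compared so a mismatch can be alerted on.
function createOrderHardened(body, catalog = CATALOG) {
  if (!Array.isArray(body.items) || body.items.length === 0) {
    return { error: "cart is empty" };
  }
  let total = 0;
  for (const { productId, quantity } of body.items) {
    const price = catalog.get(productId);
    if (price === undefined) return { error: `unknown product ${productId}` };
    // Reject negative, fractional or absurd quantities, which are the other
    // client-controlled inputs that can drive the total toward zero.
    if (!Number.isInteger(quantity) || quantity < 1 || quantity > 100) {
      return { error: `bad quantity for ${productId}` };
    }
    total += price * quantity;
  }
  const tampered = body.total !== undefined && body.total !== total;
  return { items: body.items, total, status: "created", tampered };
}

// Constructed request: the cart is worth 52.98 but the client claims a total of 1 cent.
const tamperedRequest = {
  items: [
    { productId: "sku-hoodie", quantity: 1 },
    { productId: "sku-sticker", quantity: 1 },
  ],
  total: 1,
};
```

Run against the same tampered body, the vulnerable handler records a 1-cent order while the hardened one records 5298 cents and flags the mismatch.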
