Hacking Shopping Cart using Concurrency Flaws


                     Friends, Do you know Hackers Hack Shopping cart using concurrency flaws and many more to get things for free or for very cheap price. So today we'll learn the most basic method of Concurrency flaws. There are many types of Concurrency flaws, I'll teach you most basic and simple.

"Always remember that Every Web Application works differently and in their own way, always try to understand how it works and you can get weakness point".


What is Concurrency Flaws ?

Concurrency flaws mostly founds in Shopping web Application. In concurrency flaws hacker fools Web Application with some concurrency tricks {As Depend upon Web-App Flaw} and decrease the Price of things, even he can get 50% or 80% Discount. It's all about understanding Web Application and Hunting for Weakness point. 
Definition as per OWASP : Modern web application frameworks are designed for developer productivity and performance. They are highly scalable, object-oriented, and can be used to create a usable web site in a matter of minutes.Concurrency flaws result when security-sensitive resources are not managed properly. As we have seen with almost every other prevalent class of security flaws, mistakes happen often when doing the right thing is difficult. To make things worse, concurrency flaws are often subtle and are identified only through difficult targeted testing.

Requirements :

Concept of this Method : Web applications can handle many HTTP requests simultaneously. Developers often use variables that are not thread safe. Thread safety means that the fields of an object or class always maintain a valid state when used concurrently by multiple threads. It is often possible to exploit a concurrency bug by loading the same page as another user at the exact same time. Because all threads share the same method area, and the method area is where all class variables are stored, multiple threads can attempt to use the same class variables concurrently. [As Per WebGoat]

Hacking Shopping Cart by Concurrency Flaws :


  • Start WebGoat : Click on Concurrency > Shopping Cart Concurrency flaw
  • Now, create two Tabs of same link, In same Browser : Likes this :

    Click on Image to enlarge it

  • Now, you can see there are Cart Items, Quantity and Price, our task is Get Sony Vaio with Intel Centrino just for 169$ at the price of Hitachi Hard Drive, yes! it is possible. with concurrency flaws.
  • Create Two tabs : Tab and Tab Y 
  • In Tab X Choose lower price item with 1 Quantity and Click on Purchase

    Click on Image to enlarge it

  • Now, Just if you want to know How it works, you can capture intersection between Browser and Server in Burp Suite and Easily understand how it works
  • Fine, now the Browser sent request to server That user want to Purchase item Just require the Confirmation. So Server already got a request of Purchase with Price value and Quantity.
  • Just at the Same time switch to second tab Y and Choose Higher Price Item with same Quantity and Click on Update Cart. :D

    Click on Image to enlarge it

  • The Trick is here only, First your browser sent a request of 1 Quantity of item with the Price of 169$ to Purchase. But After a minute Hacker changed his mind and updated cart with different item = 1 quantity with the price of 1,799$, The variable of the price has been overwritten now.
  • Go back to Tab Y and Click on Confirm and Web Application will fail to confirm the right order and Choose First Input Purchase request, but in middle we updated cart, so item changed with Price and The Hacker Reduced Amount using Concurrency Flaw
Click on Image to enlarge it

HTTP Data Tampering to decrease Price :
Here, another popular and little old method to get things for cheap price is HTTP Data Tampering using Burp Suite or Tamper Data. This is an amazing trick, to purchase HD-TV just for 9$ instead of 2999$.. Cool, you might think how's it possible? yes it can be done, but not always, I mean depend upon web site vulnerability and the way Web App works. If you want to learn HTTP data Tampering to decrease Price watch below's video.


*The Video Shows : Hacking Shopping Cart using Concurrency Flaws and
HTTP Data Tampering* 


Thank you for reading our Post, If you like it then please share it to increase us. Always feel free to comment and let me know your problem. In future we'll post more tricks and methods of Concurrency flaws and will elaborate it more deeply.

Post a Comment

 
Top