Business logic vulnerabilities Attack - ties2/web-pentest GitHub Wiki

Business logic vulnerabilities are security flaws in which an attacker abuses the intended logic and rules of an application or system to gain unauthorized access or carry out malicious activities. They can be difficult to detect because they are not based on traditional technical weaknesses such as SQL injection or cross-site scripting: the application behaves exactly as written, and the weakness lies in what its rules permit.

Types of Business Logic Vulnerabilities:

Order Manipulation:

Order manipulation is a common business logic vulnerability in e-commerce applications. Attackers exploit it to change the price of a product or service, manipulate the number of items ordered, or change the shipping address so the order is redirected to a location they control. For example, an attacker may modify the price of a product so that it sells for less than the original price, or use stolen credit card information to purchase items.
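The root cause in most order-manipulation cases is a checkout handler that reads the price, quantity or destination from fields the client controls (typically hidden form fields or JSON the browser submits). The following is an added example, not code from the ties2/web-pentest wiki: a vulnerable handler that trusts the submitted price next to a hardened one that recomputes the total from the server-side catalog, bounds the quantity, and only ships to an address already saved on the account. The catalog, user records and request forms are constructed sample data.

```python
# Added example (not from the ties2/web-pentest wiki): checkout handler that trusts
# client price fields next to one that recomputes everything server-side.
# CATALOG, USERS and the *_FORM dicts are constructed sample data.
from decimal import Decimal

# Server-side catalog: the only authoritative source of prices and stock.
CATALOG = {
    "sku-100": {"price": Decimal("49.99"), "stock": 20},
    "sku-200": {"price": Decimal("199.00"), "stock": 3},
}

# Account records: orders may only ship to an address saved on the account.
USERS = {
    "alice": {"addresses": {"addr-1": "1 Main St, Springfield"}},
}

MAX_QTY_PER_LINE = 10


class OrderRejected(Exception):
    pass


def checkout_trusting_client(user, form):
    """Vulnerable: price and destination come straight from fields the client sent."""
    total = Decimal("0")
    for line in form["items"]:
        total += Decimal(line["price"]) * int(line["qty"])
    return {"user": user, "total": total, "ship_to": form["ship_to"]}


def checkout_server_authoritative(user, form):
    """Hardened: ignore client price fields, validate quantity and address server-side."""
    if user not in USERS:
        raise OrderRejected("unknown user")
    total = Decimal("0")
    for line in form["items"]:
        item = CATALOG.get(line["sku"])
        if item is None:
            raise OrderRejected(f"unknown sku {line['sku']!r}")
        try:
            qty = int(line["qty"])
        except (TypeError, ValueError):
            raise OrderRejected("quantity is not an integer")
        # Zero or negative quantities would turn a line into a credit; also cap
        # the per-line quantity and respect stock.
        if not 1 <= qty <= MAX_QTY_PER_LINE or qty > item["stock"]:
            raise OrderRejected(f"invalid quantity {qty} for {line['sku']}")
        # Any 'price' key the client sent is deliberately never read.
        total += item["price"] * qty
    address_id = form.get("ship_to")
    if address_id not in USERS[user]["addresses"]:
        raise OrderRejected("shipping address must be a saved address on the account")
    return {"user": user, "total": total, "ship_to": USERS[user]["addresses"][address_id]}


def accepts(user, form) -> bool:
    """True if the hardened handler would place the order."""
    try:
        checkout_server_authoritative(user, form)
        return True
    except OrderRejected:
        return False


# Constructed requests: an honest one, one with a lowered hidden price field and
# a free-text destination, and one with a negative quantity.
HONEST_FORM = {"items": [{"sku": "sku-100", "qty": "2"}], "ship_to": "addr-1"}
TAMPERED_FORM = {
    "items": [{"sku": "sku-200", "qty": "1", "price": "1.00"}],
    "ship_to": "99 Attacker Rd",
}
NEGATIVE_QTY_FORM = {
    "items": [{"sku": "sku-100", "qty": "-1", "price": "49.99"}],
    "ship_to": "addr-1",
}

if __name__ == "__main__":
    print(checkout_trusting_client("alice", TAMPERED_FORM))      # total 1.00, ships anywhere
    print(checkout_trusting_client("alice", NEGATIVE_QTY_FORM))  # total -49.99
    print(checkout_server_authoritative("alice", HONEST_FORM))   # total 99.98
    for form in (TAMPERED_FORM, NEGATIVE_QTY_FORM):
        try:
            checkout_server_authoritative("alice", form)
        except OrderRejected as e:
            print("rejected:", e)
```

Note that the hardened handler does not "validate" the submitted price; it never reads it. Fields that the server can compute itself should not be accepted from the client at all, which is a stronger control than input validation.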

Account Takeover:

Account takeover occurs when an attacker gains access to a user's account and takes control of it. Attackers may exploit this vulnerability by guessing passwords, exploiting password resets, or using stolen credentials. Once an attacker has access to a user's account, they can use it to steal sensitive information, make unauthorized purchases, or launch further attacks against the system.
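Password-reset flaws are a frequent business-logic route to account takeover: the reset token is generated correctly, but the redeem step trusts the account name in the form, never expires the token, or lets it be used twice. The following is an added example, not code from the ties2/web-pentest wiki. It shows a vulnerable redeem handler that resets whichever account the form names beside a hardened one that derives the account from the token record and enforces expiry and single use. The user and token stores are constructed in-memory dicts, and the clock is passed in as `now` so the behaviour can be checked deterministically.

```python
# Added example (not from the ties2/web-pentest wiki): two password-reset redeem
# handlers. USERS and RESET_TOKENS are constructed in-memory stand-ins for tables.
import hashlib
import secrets

RESET_TTL_SECONDS = 15 * 60

USERS = {"alice": {"password": "alice-old"}, "bob": {"password": "bob-old"}}
RESET_TOKENS = {}  # sha256(token) -> {"user": str, "expires": float, "used": bool}


def _digest(token: str) -> str:
    # Only the hash is stored: a leaked token table cannot be replayed, and the
    # lookup is by hash rather than by comparing the secret itself.
    return hashlib.sha256(token.encode()).hexdigest()


def issue_reset_token(username: str, now: float) -> str:
    # 32 bytes from the CSPRNG; never a counter, timestamp or value derived from the user.
    token = secrets.token_urlsafe(32)
    if username in USERS:
        RESET_TOKENS[_digest(token)] = {
            "user": username,
            "expires": now + RESET_TTL_SECONDS,
            "used": False,
        }
    # Unknown accounts still get a token-shaped reply so the endpoint does not
    # reveal which usernames exist; the token is simply never recorded.
    return token


def redeem_trusting_form(form_username: str, token: str, new_password: str, now: float) -> bool:
    """Vulnerable: checks that the token is real, then resets whichever user the form names."""
    record = RESET_TOKENS.get(_digest(token))
    if record is None or now > record["expires"]:
        return False
    USERS[form_username]["password"] = new_password
    return True


def redeem_reset_token(token: str, new_password: str, now: float):
    """Hardened: the account comes from the token record, the token is time-limited
    and single use. Returns the username on success, None otherwise."""
    record = RESET_TOKENS.get(_digest(token))
    if record is None or record["used"] or now > record["expires"]:
        return None
    record["used"] = True  # burn before changing the password, so a concurrent retry fails
    USERS[record["user"]]["password"] = new_password
    return record["user"]


if __name__ == "__main__":
    t = issue_reset_token("alice", now=1000.0)
    print(redeem_reset_token(t, "alice-new", now=1100.0))   # alice
    print(redeem_reset_token(t, "again", now=1101.0))       # None: already used
    t2 = issue_reset_token("alice", now=2000.0)
    print(redeem_trusting_form("bob", t2, "pwned", now=2001.0))  # True: bob reset with alice's token
```

The hardened handler never takes a username from the client at all, which is the same principle as the checkout case above: anything the server already knows must not be re-supplied by the request.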

Authentication Bypass:

Authentication bypass vulnerabilities occur when an attacker can bypass the authentication mechanism of an application or system without proper credentials. For example, attackers may exploit this vulnerability by modifying HTTP requests, manipulating hidden form fields, or forging session tokens.

Business Process Manipulation:

Business process manipulation vulnerabilities occur when an attacker manipulates the underlying business logic of an application or system to carry out malicious activities. For example, an attacker may change the flow of a process to bypass critical security checks or to access unauthorized resources.
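The typical cause is that each step of a multi-step process is its own endpoint and none of them checks that the earlier steps really happened, so a request naming the final step skips the checks in between. The following is an added example, not code from the ties2/web-pentest wiki: a checkout modelled as a server-side state machine in which the client may name the step it wants, but the server only performs it when it is the next due step, and the confirm step re-verifies the facts it depends on. The payment processor is a constructed stub, and a stateless confirm endpoint is included for contrast.

```python
# Added example (not from the ties2/web-pentest wiki): a multi-step checkout as a
# server-side state machine. processor_charge is a constructed gateway stub.
STEPS = ["cart", "address", "payment", "review", "confirmed"]
NEXT = {STEPS[i]: STEPS[i + 1] for i in range(len(STEPS) - 1)}


class ProcessViolation(Exception):
    pass


def processor_charge(card: str) -> bool:
    # Constructed stand-in for a payment gateway; only one test card is approved.
    return card == "4111-test-approved"


def confirm_stateless(request: dict) -> dict:
    """Vulnerable pattern: the confirm endpoint stands alone and believes the
    request's own 'paid' flag, so it can be reached without ever paying."""
    return {"status": "confirmed", "paid": request.get("paid") == "true"}


class Checkout:
    def __init__(self):
        self.state = "cart"
        self.facts = set()  # outcomes recorded by the server; never read from a request

    def handle(self, step: str, payload=None) -> str:
        """Route one request. The client names the step; the server decides if it is due."""
        if NEXT.get(self.state) != step:
            raise ProcessViolation(f"cannot go from {self.state} to {step}")
        getattr(self, f"_do_{step}")(payload or {})
        self.state = step
        return self.state

    def _do_address(self, payload):
        if not payload.get("address"):
            raise ProcessViolation("shipping address required")
        self.facts.add("address_validated")

    def _do_payment(self, payload):
        if not processor_charge(payload.get("card", "")):
            raise ProcessViolation("payment declined")
        self.facts.add("payment_verified")

    def _do_review(self, payload):
        pass  # nothing to verify here; the step exists so the customer sees the final total

    def _do_confirmed(self, payload):
        # Defence in depth: even if the transition table were mis-edited later,
        # confirmation re-checks the facts it depends on.
        missing = {"address_validated", "payment_verified"} - self.facts
        if missing:
            raise ProcessViolation(f"missing checks: {sorted(missing)}")


def honest_flow() -> str:
    """Walk every step in order; ends in the 'confirmed' state."""
    c = Checkout()
    c.handle("address", {"address": "1 Main St"})
    c.handle("payment", {"card": "4111-test-approved"})
    c.handle("review")
    return c.handle("confirmed")


def skip_to_confirm() -> str:
    """Request the final step straight from the cart; returns the refusal message."""
    c = Checkout()
    try:
        c.handle("confirmed", {"paid": "true"})
    except ProcessViolation as e:
        return str(e)
    return "accepted"


def declined_card_flow() -> str:
    """A declined charge leaves the order parked at 'address'; review is never reached."""
    c = Checkout()
    c.handle("address", {"address": "1 Main St"})
    try:
        c.handle("payment", {"card": "0000-test-declined"})
    except ProcessViolation:
        pass
    return c.state


if __name__ == "__main__":
    print(honest_flow())          # confirmed
    print(skip_to_confirm())      # cannot go from cart to confirmed
    print(declined_card_flow())   # address
    print(confirm_stateless({"paid": "true"}))  # the vulnerable endpoint accepts
```

In a real application the `Checkout` state lives server-side (database row or server session), keyed by the order, and is never carried in a cookie or hidden field the client can edit.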

Data Tampering:

Data tampering vulnerabilities occur when an attacker modifies or deletes critical data in an application or system. Attackers may exploit this vulnerability to steal sensitive information, manipulate data to gain access to unauthorized resources, or disrupt critical business operations.

Example of Business Logic Vulnerabilities:

An example of a business logic vulnerability is an e-commerce website that allows customers to purchase items without proper authentication or payment verification. An attacker can exploit this vulnerability by modifying the payment amount or changing the shipping address during the checkout process, redirecting the order to their location.

Another example is a banking application that allows users to transfer funds without proper verification or authentication. Attackers can exploit this vulnerability by using stolen credentials to access user accounts and transfer funds to their own accounts.

Preventive measures for business logic vulnerability attacks:

Use threat modeling to identify potential business logic vulnerabilities, and use input validation and sanitization to prevent them.

  • Implement proper input validation and sanitization
  • Enforce proper authentication and authorization mechanisms
  • Monitor and log all user activities
  • Implement proper access controls
  • Regularly review and update business logic rules and processes
  • Use automated tools to scan for vulnerabilities in applications and systems

It is important to note that prevention is key in protecting against business logic vulnerability attacks. Regularly reviewing and updating business logic rules and processes is crucial in maintaining a secure application or system.
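"Monitor and log all user activities" only pays off if something reads the logs for the patterns described on this page. The following is an added example, not code from the ties2/web-pentest wiki: a small set of detection rules run over constructed application log lines. The log format (an ISO timestamp followed by key=value fields) and every event name, order id, account and IP address in it are invented for the example; a real deployment would map these rules onto its own logging schema.

```python
# Added example (not from the ties2/web-pentest wiki): detection rules for
# business-logic abuse over constructed log lines. The log format and all
# values in SAMPLE_LOG are invented.
from collections import defaultdict
from datetime import datetime, timedelta
from decimal import Decimal

SAMPLE_LOG = """\
2024-05-01T10:00:00Z event=checkout order=o-1 user=alice sku=sku-100 qty=2 client_price=49.99 catalog_price=49.99
2024-05-01T10:00:05Z event=payment_verified order=o-1 user=alice
2024-05-01T10:00:07Z event=order_confirmed order=o-1 user=alice
2024-05-01T10:01:00Z event=checkout order=o-2 user=mallory sku=sku-200 qty=1 client_price=1.00 catalog_price=199.00
2024-05-01T10:01:03Z event=order_confirmed order=o-2 user=mallory
2024-05-01T10:02:00Z event=checkout order=o-3 user=mallory sku=sku-100 qty=-3 client_price=49.99 catalog_price=49.99
2024-05-01T10:05:00Z event=reset_request ip=203.0.113.7 account=alice
2024-05-01T10:05:01Z event=reset_request ip=203.0.113.7 account=bob
2024-05-01T10:05:02Z event=reset_request ip=203.0.113.7 account=carol
2024-05-01T10:05:03Z event=reset_request ip=203.0.113.7 account=dave
2024-05-01T10:05:04Z event=reset_request ip=203.0.113.7 account=erin
2024-05-01T10:05:05Z event=reset_request ip=203.0.113.7 account=frank
2024-05-01T10:30:00Z event=reset_request ip=198.51.100.9 account=alice
"""

RESET_THRESHOLD = 5                    # distinct accounts targeted from one IP ...
RESET_WINDOW = timedelta(minutes=10)   # ... within this window


def parse_line(line: str) -> dict:
    """Split 'TIMESTAMP k=v k=v ...' into a dict with a parsed 'ts'."""
    ts, *fields = line.split()
    record = {"ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")}
    for field in fields:
        key, _, value = field.partition("=")
        record[key] = value
    return record


def detect(log_text: str) -> list:
    """Return (rule, subject) alerts for the abuse patterns the page describes."""
    alerts = []
    paid_orders = set()
    resets = defaultdict(list)  # ip -> [(ts, account)]
    for line in log_text.splitlines():
        if not line.strip():
            continue
        r = parse_line(line)
        event = r["event"]
        if event == "checkout":
            # Order manipulation: the price the client sent disagrees with the catalog.
            if Decimal(r["client_price"]) != Decimal(r["catalog_price"]):
                alerts.append(("price_mismatch", r["order"]))
            # Negative or zero quantities are credits in disguise.
            if int(r["qty"]) <= 0:
                alerts.append(("non_positive_qty", r["order"]))
        elif event == "payment_verified":
            paid_orders.add(r["order"])
        elif event == "order_confirmed":
            # Process manipulation: confirmation with no recorded payment step.
            if r["order"] not in paid_orders:
                alerts.append(("confirmed_without_payment", r["order"]))
        elif event == "reset_request":
            resets[r["ip"]].append((r["ts"], r["account"]))
    # Account takeover: one source requesting resets for many accounts in a short window.
    for ip, events in resets.items():
        events.sort()
        for i, (t0, _) in enumerate(events):
            targeted = {acct for t, acct in events[i:] if t - t0 <= RESET_WINDOW}
            if len(targeted) >= RESET_THRESHOLD:
                alerts.append(("reset_spray", ip))
                break
    return alerts


if __name__ == "__main__":
    for rule, subject in detect(SAMPLE_LOG):
        print(f"{rule}: {subject}")
```

These rules presuppose that the checkout log records both the submitted and the catalog price and that payment verification is logged as its own event; if the application only logs the final total, the first two rules have nothing to compare, which is itself a logging gap worth fixing.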

Cheat sheet for business logic vulnerability attacks:

  1. Order Manipulation:
  • Change the price of a product or service
  • Manipulate the quantity of items ordered
  • Change the shipping address to redirect the order to the attacker's location
  2. Account Takeover:
  • Guess passwords
  • Exploit password resets
  • Use stolen credentials
  3. Authentication Bypass:
  • Modify HTTP requests
  • Manipulate hidden form fields
  • Forge session tokens
  4. Business Process Manipulation:
  • Change the flow of a process to bypass critical security checks
  • Access unauthorized resources
  5. Data Tampering:
  • Modify or delete critical data
  • Steal sensitive information
  • Manipulate data to gain access to unauthorized resources