You Can Break the Developer's Logic Easily 🤫 A 10th-Class Bug
Yes, true! I don’t know why developers make these kinds of mistakes while writing code 🤷‍♂️ Anyone who analyses the flow can break this.
Hello folks! In this blog, I want to discuss how developers make mistakes while writing code. No, no, while copy-pasting from StackOverflow 😂😂
This is a very, very simple bypass; anyone can do it with a simple analysis. That’s why I mentioned “A 10th-Class Bug” in the title.
This is one of the most famous applications in Europe.
Let’s get started!! 😉
In this application, there is a functionality for submitting requests to various third-party application forms.
The application will validate the user before they submit the form.
Users need to update their details before submitting.
But here the developer calls one API to validate the user, and only after that verification can they submit the request to the form; without it, it’s not possible.
I simply intercepted the request and found one API, which is the user verification, as shown here:
I intercepted the response and found that the developers are doing a simple check and are not actually validating properly.
I simply changed the response to success instead of Fail!
Wonderful…!!
It worked as expected. This is generally called response manipulation: the browser trusts the modified response and allows me to access the restricted functions.
Which is really nice 😂😂
Finally, I bypassed the user checks via response manipulation.
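The flaw and its fix, as an added example that is not the application's code: the verification verdict has to be re-checked by the server inside the submit handler, not only by the page. All names (`verifyUser`, `submitFormWeak`, `submitFormHardened`, `clientFlow`) and the user data are hypothetical, and it is an assumption that the real submit endpoint performed no check of its own.

```javascript
// Constructed server-side state: has each user completed the required details?
const users = new Map([
  ["alice", { detailsComplete: true }],
  ["bob", { detailsComplete: false }],
]);

// Verification API (hypothetical name): the verdict is computed on the server.
function verifyUser(userId) {
  const user = users.get(userId);
  return { status: user && user.detailsComplete ? "success" : "fail" };
}

// Weak design: the submit endpoint does no check of its own and relies on the
// browser having honoured the verification response.
function submitFormWeak(userId, form) {
  return { code: 200, accepted: true, form };
}

// Corrected design: the submit endpoint re-derives the verdict from server
// state, so nothing the client saw or claims matters.
function submitFormHardened(userId, form) {
  if (verifyUser(userId).status !== "success") {
    return { code: 403, accepted: false };
  }
  return { code: 200, accepted: true, form };
}

// Client flow: gate the submit call on the verification response as received.
// `inTransit` stands in for anything between server and page that can alter it.
function clientFlow(userId, submit, inTransit = (res) => res) {
  const seen = inTransit(verifyUser(userId));
  if (seen.status !== "success") return { code: null, accepted: false };
  return submit(userId, { target: "third-party-form" });
}

// The write-up's modification: "fail" becomes "success" before the page reads it.
const rewritten = (res) => ({ ...res, status: "success" });

function runScenarios() {
  return {
    weakUntouched: clientFlow("bob", submitFormWeak).accepted,
    weakRewritten: clientFlow("bob", submitFormWeak, rewritten).accepted,
    hardenedRewritten: clientFlow("bob", submitFormHardened, rewritten).code,
    hardenedVerifiedUser: clientFlow("alice", submitFormHardened).accepted,
  };
}
console.log(runScenarios());
```

A 403 from the hardened handler for a user whose last verification verdict was "fail" is also a useful detection signal, since the normal page never sends that request.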
That’s it for this write-up.
Happy Hacking 🥂🥂
Thanks for reading.