Manipulating the price of goods in some shopping baskets



################################################################################
@                                                                              @
@                         :: LwB Security Team ::                              @
@                                                                              @
################################################################################
# - written by: durito                                                         #
# - e-mail: [email protected]                                                   #
# - http://www.lwbteam.org                                                     #
# - date: 28/01/2004                                                           #
# - comments: The information is provided for reference only and is intended   #
#   to benefit administrators. This article is not a guide to action. We are   #
#   not responsible for any damage caused by a reader of this article, nor     #
#   for illegal use of the information we provide.                             #
################################################################################

-= Manipulation of the price of goods in some shopping carts =-
***************************************************************

The vulnerability I want to talk about today is not new, but despite this,
some new e-commerce systems appearing on the net are still susceptible to it.

I'll start with an old bug: the shopping-cart script does not validate the
quantity of purchased goods, so it happily accepts a negative number. A striking
example of this vulnerability is the shopping cart at http://www.memoryworld.net.
Suppose we select from the catalogue the product COMPACT FLASH CARD (3.3/5V) 128M
- COMPACT FLASH CARD (3.3/5V) 128M MEMORY CARD at $55.00 for 1 piece.
The product is now in our cart and we can pay for it. But suppose we decide to
order one more COMPACT FLASH CARD (3.3/5V) 128M - COMPACT FLASH CARD (3.3/5V)
128M MEMORY CARD, only this time we enter a quantity of -1 instead of 1. The
cart multiplies price by quantity without checking the sign, so it asks us to
pay $55.00 - $55.00 = $0.00 for the goods.
Like this:

Description                                                  Quantity   Price   Total Price
Peripherals - COMPACT FLASH CARD (3.3/5V) 128M - COMPACT FLASH
CARD (3.3/5V) 128M MEMORY CARD                                  -1      $55.00   ($55.00)
Peripherals - COMPACT FLASH CARD (3.3/5V) 128M - COMPACT FLASH
CARD (3.3/5V) 128M MEMORY CARD                                   1      $55.00    $55.00
                                                                          Total     $0.00

Naturally, nobody is going to ship you two COMPACT FLASH CARDs for $0.00, but if
you approach the matter properly, reducing the price of goods this way is entirely
realistic: a negative-quantity line that only partly offsets a legitimate order
still leaves a positive, but reduced, total.

A second example of a poorly written e-shop cart is
http://ssl.adgrafix.com/cgi-bin/checkitout/checkitout.cgi?theorangSTORE:CKIE:home+
In this case the price of the goods is stored in a hidden HTML form field, which
the client can change before submitting the form. Here is the relevant piece of the page:
---------------
California Valencia Oranges

$29.99 New Low Price Includes Standard S&H.
name=price>

We will be shipping our CA Valencia Oranges Now through September!! Order Today!!
----------------
This is the hidden line with the price (only the tail of the hidden input tag,
`name=price>`, survives in this copy):
------
name=price>
------
The same field, with its value edited to a lower price before the form is submitted:
---
name=price>
---
And the transaction goes through at this price: the server never recomputes the
price from its own catalogue, it simply bills whatever the form sent.
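As an added example (not from the LwB article, nor code from either of the sites named above), the following Python shows both flaws from this article in a toy checkout, next to a hardened version that takes only the product id and quantity from the client, recomputes the total from a server-side catalogue, and rejects non-positive quantities. The catalogue, product ids, form field names and the sample requests are constructed for this example.

```python
# Added example, not from the LwB article.  A toy cart checkout that
# reproduces the negative-quantity bug (memoryworld.net) and the hidden
# price-field bug (checkitout.cgi), beside a hardened version.
from decimal import Decimal

# Constructed server-side catalogue: the only source of truth for prices.
CATALOG = {
    "cf128": {"name": "COMPACT FLASH CARD (3.3/5V) 128M", "price": Decimal("55.00")},
    "oranges": {"name": "California Valencia Oranges", "price": Decimal("29.99")},
}


def vulnerable_total(form_items):
    """Trusts every field the browser submitted: the quantity is not checked
    for sign, and the price is read back from a (hidden) form field."""
    total = Decimal("0")
    for item in form_items:
        total += Decimal(item["price"]) * int(item["qty"])
    return total


class InvalidOrder(ValueError):
    """Raised by the hardened checkout for any request it will not bill."""


def hardened_total(form_items):
    """Recomputes the total from CATALOG.  Only the product id and quantity are
    taken from the client; the quantity must be a positive integer within a
    sane range, and any submitted price field is ignored."""
    total = Decimal("0")
    for item in form_items:
        product = CATALOG.get(item.get("id"))
        if product is None:
            raise InvalidOrder("unknown product id %r" % item.get("id"))
        try:
            qty = int(item["qty"])
        except (KeyError, ValueError):
            raise InvalidOrder("quantity is not an integer")
        if not 1 <= qty <= 100:          # rejects 0, negatives and absurd sizes
            raise InvalidOrder("quantity %d out of range" % qty)
        total += product["price"] * qty  # price comes from the server, not the form
    return total


def order_accepted(form_items):
    """True if the hardened checkout would bill this request."""
    try:
        hardened_total(form_items)
        return True
    except InvalidOrder:
        return False


# Constructed requests.
# 1) the -1 / +1 pair from the memoryworld.net cart
NEGATIVE_QTY = [
    {"id": "cf128", "qty": "-1", "price": "55.00"},
    {"id": "cf128", "qty": "1", "price": "55.00"},
]
# 2) the checkitout.cgi form with the hidden price field edited by the client
TAMPERED_PRICE = [{"id": "oranges", "qty": "1", "price": "0.01"}]

if __name__ == "__main__":
    print("vulnerable, -1/+1 pair:   $%s" % vulnerable_total(NEGATIVE_QTY))
    print("vulnerable, tampered price: $%s" % vulnerable_total(TAMPERED_PRICE))
    for label, req in (("-1/+1 pair", NEGATIVE_QTY), ("tampered price", TAMPERED_PRICE)):
        try:
            print("hardened, %s: $%s" % (label, hardened_total(req)))
        except InvalidOrder as err:
            print("hardened, %s: rejected (%s)" % (label, err))
```

Run with python3: the vulnerable total is $0.00 for the -1/+1 pair and $0.01 for the tampered oranges order, whereas the hardened checkout rejects the first request outright and bills the second at the catalogue price of $29.99. The rule behind the fix is simple: the client may choose what and how many, never how much, and every number it sends is validated on the server before it touches the total.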


Copyright 2002-2004 by LwB Security Team. All rights reserved.
