Finding Your First Bug: Business Logic Errors

  • Published on:  10/9/2019
  • Correction: at 30:55 I launched Intruder and just got errors back; however, this was because my JSON payloads were not legal JSON. I had missed a comma in Intruder. Thank you to FrenchPirate83 for finding that error.

    Hi everyone, welcome to the first video in my new series, "Finding Your First Bug". In this series I'm going to go over some good first bugs: explain what they are, how to find them, show some examples of real bugs in the wild that paid out, and finally do a practical example with Burp on a real target.

    In this video, we'll be discussing Business Logic Errors, a type of bug that targets the logic of a website or app (what it is supposed to allow) rather than its technical implementation.

    0:00 - Theory: what is a business logic error/how to find them
    7:09 - Case studies: 8 examples of business logic bugs by complexity
    21:28 - Practical Burp: Looking at Flurry, an app in scope on the Verizon Media public program

    -- Case Studies --
    - Response program can create bounty table - $500: https://hackerone.com/reports/460920
    - OLO Total price manipulation using negative quantities - $3,500: https://hackerone.com/reports/364843
    - Able to manipulate order amount by removing cancellation amount and cause financial impact: $750 - https://hackerone.com/reports/614523
    - Gaining unlimited bonus points on websites with WooCommerce Points and Rewards - $150: https://hackerone.com/reports/592803
    - Lack of proper paymentProfileUUID validation allows any number of free rides without any outstanding balance - $1,500: https://hackerone.com/reports/574638
    - Lack of payment type validation in dial.uber.com allows for free rides - $5,000: https://hackerone.com/reports/162199
    - Harvesting all private invites using leave program fast-tracked invitation and security@ email forwarding feature - $2,500: https://hackerone.com/reports/334205 and https://medium.com/japzdivino/harvesting-all-private-invites-using-leave-program-fast-tracked-invitation-and-security-email-a01c8b3ce76f
    - Claiming package names in GitLab's automatic package referencer. - $1,000: https://hackerone.com/reports/462503
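    Several of the case studies above share one root cause: the server trusts numbers the client sent (a quantity, a cancellation amount, a payment reference) instead of recomputing them from its own state. The snippet below is an added illustration of that pattern from the fix side, not code from the video or from any of the programs linked above. The catalogue prices, the cancellation fee and the sample orders are constructed for the example; the function names are mine.

```python
from decimal import Decimal

# Constructed server-side catalogue (hypothetical prices, not from any real program).
CATALOG = {"burger": Decimal("8.00"), "fries": Decimal("3.50")}
CANCELLATION_FEE = Decimal("2.00")   # constructed fee charged on cancelled orders
MAX_QTY = 50                         # constructed sanity cap per line item


class OrderError(ValueError):
    """Raised when an order fails server-side validation."""


def total_naive(order: dict) -> Decimal:
    """Vulnerable pattern: quantities and the cancellation fee come straight from the client.

    A negative quantity turns a line item into a credit, and a client that simply omits
    the cancellation_fee field is never charged it.
    """
    total = Decimal("0")
    for item in order["items"]:
        total += CATALOG[item["sku"]] * item["qty"]
    total += Decimal(str(order.get("cancellation_fee", "0")))
    return total


def total_hardened(order: dict, cancelled: bool) -> Decimal:
    """Hardened pattern: every amount is derived from server-side data and state.

    - quantities must be positive integers within a sane cap
    - prices come only from the catalogue, never from the request
    - the cancellation fee depends on the order's server-side status, not on a request field
    """
    total = Decimal("0")
    for item in order.get("items", []):
        sku = item.get("sku")
        qty = item.get("qty")
        if sku not in CATALOG:
            raise OrderError(f"unknown sku {sku!r}")
        # bool is a subclass of int, so exclude it explicitly
        if isinstance(qty, bool) or not isinstance(qty, int) or qty <= 0 or qty > MAX_QTY:
            raise OrderError(f"invalid quantity {qty!r} for {sku}")
        total += CATALOG[sku] * qty
    if cancelled:
        total += CANCELLATION_FEE
    # Defence in depth: a checkout should never settle a non-positive amount.
    if total <= 0:
        raise OrderError("non-positive order total")
    return total


def rejects(order: dict, cancelled: bool = False) -> bool:
    """True if the hardened calculation refuses the order (used for quick checks)."""
    try:
        total_hardened(order, cancelled)
    except OrderError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample requests as a client might send them.
    tampered = {"items": [{"sku": "burger", "qty": 2}, {"sku": "fries", "qty": -5}]}
    honest = {"items": [{"sku": "burger", "qty": 2}, {"sku": "fries", "qty": 1}]}
    print("naive total for tampered order:", total_naive(tampered))        # -1.50
    print("hardened rejects tampered order:", rejects(tampered))           # True
    print("hardened total, cancelled:", total_hardened(honest, True))      # 21.50
```

The point of the hardened version is not the individual checks but where the numbers come from: the request is treated as a list of intentions (which SKUs, how many), while prices, fees and order status are looked up server-side. Logging each OrderError with the offending field is also a cheap detection signal for exactly this class of tampering.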

    -- You Should Also Watch --
    HOW TO GET STARTED IN BUG BOUNTY (9x PRO TIPS) - STÖK - https://www.201tube.com/video/CU9Iafc-Igs/video.html

    -- Social Media --
    - Twitter: https://twitter.com/InsiderPhD