Mohamed Sayed - Blog

  Hi again, this topic is about something special it's about Business Logic errors Logical bugs what is this? we will know. What is Business Logic? It is how the data (which the website receives) created, stored and modified and this developed for you, let's take an example for that of checkout process: the form which takes your address and information the second form will take payment details the payment will be processed On successful transaction, the page will show congratulations So know what is the Bugs or Error which will be in this?! let's give some example for that (this is not all of Bugs/Errors): now I'm in an e-commerce store and I'm sopping and I choose a product  I add it to my car and I opened it to checkout and get the product but when I checkout I added a lower cost and the process will continue and get the product with low cost, another thing, if I can add the quantity on the cart I can try to add a half like that 0.5 if the

Hi again :P, let's continue our topic about XSS bugs, read part one if you didn't. Let's start with first filter, what if you found that the website blocked alert, confirm, prompt, and write what you will do in this case? just leave it .... I'm kidding :P you can use string concatenation and a magical function on JS and it's eval() what is eval do? it can be used to executes a string as JS codes and it accepts a string so I can add the code as parts like aler and t and (1337) every one of these is a part of the string i will use string concatenation to make it a single string and will pass it to eval function to execute it the payload will be like eval("aler"+"t"+"(1337)") this will execute alert(1337) it will first concatenate the string and will execute it and the filter will not notice it because it searches for alert . this filter is everywhere I think almost 90 of my XSS is using this one, what if the tags is delet