
Comprehensive VAPT Report: Exploring Business Logic Vulnerabilities and Weak Isolation in PortSwigger by Putrinadilla

Original Post: VAPT Report Using PortSwigger Material: Business logic vulnerabilities | Weak isolation on… | by Putrinadilla | Jun, 2024

The post covers two classes of web application vulnerability, each explored through a practical lab on the PortSwigger Web Security Academy.

  1. Business Logic Vulnerabilities (Weak Isolation on Dual-Use Endpoint):

    • Business logic flaws arise when developers fail to anticipate unusual application states or unexpected input, so legitimate functionality can be driven in ways that were never intended.
    • In this lab a single endpoint serves two purposes: changing a password (which should require the current password) and resetting one. The current-password check is only applied when that parameter is present, and the target username is supplied in the request body rather than taken from the session.
    • By intercepting the password-change request in Burp Suite, deleting the current-password parameter and changing the username to administrator, the author set the admin's password without knowing the existing one.
    • Logging in with the new credentials gave full admin rights, which were then used to delete a user and solve the lab.
  2. File Upload Vulnerabilities (Web Shell Upload via Obfuscated File Extension):
    • This vulnerability arises when the server accepts harmful files because it validates attributes such as type, content, or size poorly, or validates a different value from the one it actually stores.
    • In the lab, the author exploited an avatar upload function by uploading a PHP web shell disguised as an image file.
    • By intercepting the upload in Burp Suite and appending a null byte plus a permitted image extension to the filename (e.g. exploit.php%00.jpg), the extension check saw a .jpg while the file was written to disk truncated at the null byte, as exploit.php. The server therefore stored the file and executed it as PHP when it was requested.
    • Requesting the uploaded file returned the contents of a secret file on the server, demonstrating the critical risk of improper file validation.
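The dual-use endpoint from the first lab, modelled as a vulnerable handler beside a hardened one. This is an added example written for this summary, not code from the original post or from PortSwigger; the request is a plain dict so it runs offline, and the user store, passwords and parameter names are constructed for illustration.

```python
"""Dual-use password-change endpoint: vulnerable handler beside a hardened one.

Constructed example, not the original post's or PortSwigger's code. The POST
body is modelled as a dict; the parameter names mirror a typical
change-password form (username, current-password, new-password-1/2).
"""
import hmac

# Constructed user store (username -> password). Values are hypothetical.
USERS = {
    "wiener": "peter",
    "administrator": "admin-initial-secret",
}


def change_password_vulnerable(users, session_user, form):
    """One handler for both 'change password' and 'reset password'.

    Flaw 1: if current-password is absent the handler assumes a password
    *reset* (normally reached via an emailed link) and skips the check.
    Flaw 2: the target account comes from the form, not the session, so
    session_user is never consulted. Deleting current-password and editing
    username lets a low-privileged user set any account's password.
    """
    username = form.get("username")
    new_pw, confirm = form.get("new-password-1"), form.get("new-password-2")
    if username not in users or new_pw is None or new_pw != confirm:
        return False
    if "current-password" in form:
        if not hmac.compare_digest(form["current-password"], users[username]):
            return False
    users[username] = new_pw
    return True


def change_password_fixed(users, session_user, form):
    """Authenticated change only: the target is the session user and the
    current password is always required. Resets belong on a separate
    endpoint keyed by a single-use token, never on this one."""
    new_pw, confirm = form.get("new-password-1"), form.get("new-password-2")
    current = form.get("current-password")
    if session_user not in users or current is None or new_pw is None:
        return False
    if new_pw != confirm:
        return False
    if not hmac.compare_digest(current, users[session_user]):
        return False
    users[session_user] = new_pw
    return True


# The intercepted request after editing in Burp Suite: username changed to
# administrator and the current-password parameter removed entirely.
ATTACK_FORM = {
    "username": "administrator",
    "new-password-1": "pwned",
    "new-password-2": "pwned",
}


def run_attack(handler):
    """Replays ATTACK_FORM against a fresh copy of USERS while logged in as
    wiener. Returns the administrator's password afterwards."""
    users = dict(USERS)
    handler(users, "wiener", ATTACK_FORM)
    return users["administrator"]


if __name__ == "__main__":
    print("vulnerable:", run_attack(change_password_vulnerable))  # pwned
    print("fixed:     ", run_attack(change_password_fixed))       # admin-initial-secret
```

The fix is not a stronger password check but a separation of flows: an authenticated change binds the target account to the session and always demands the current password, while a reset is a different endpoint whose authorisation is the single-use token, so no request can mix the two.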

Both scenarios show that validation must be applied to the value the server actually acts on, and that functions with different trust requirements (password change versus reset, image storage versus script execution) must be kept isolated from each other.
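The null-byte trick from the second lab, as an added example that is not code from the original post or from PortSwigger. It models the extension check that sees ".jpg" and a storage layer that, like a C-style NUL-terminated filesystem API, truncates the name at the first NUL byte; the truncation is simulated in Python (whose own os functions reject embedded NULs), and the allowlist and filenames are constructed for illustration.

```python
"""Web shell upload via a NUL byte in the filename: vulnerable validation
beside a hardened version.

Constructed example, not the original post's or PortSwigger's code. The
filename is the value from the multipart Content-Disposition header after
the attacker has edited it in Burp Suite (e.g. exploit.php%00.jpg).
"""
import os
import secrets
from urllib.parse import unquote

ALLOWED_IMAGE_EXT = {".jpg", ".jpeg", ".png"}
SERVER_EXECUTED_EXT = {".php", ".phtml", ".php5"}  # illustrative list


def simulate_c_string(name):
    """Stand-in for a NUL-terminated filesystem call: everything after the
    first NUL byte is ignored, so 'exploit.php\\x00.jpg' becomes 'exploit.php'.
    Python's own os.open would raise on the embedded NUL; this mimics
    runtimes that do not."""
    return name.split("\x00", 1)[0]


def stored_name_vulnerable(raw_filename):
    """Returns the name the server would write to disk, or None if rejected.

    Flaw: the extension check runs on the decoded name as a whole string,
    where 'exploit.php\\x00.jpg' ends in '.jpg', but the file is written
    through an API that stops at the NUL byte.
    """
    name = unquote(raw_filename)  # %00 becomes a real NUL byte
    if os.path.splitext(name)[1].lower() not in ALLOWED_IMAGE_EXT:
        return None
    return simulate_c_string(name)


def stored_name_fixed(raw_filename):
    """Rejects control bytes and path separators, validates the extension
    of the basename, and never lets user input reach the filesystem: the
    stored name is server-generated with the validated extension."""
    name = unquote(raw_filename)
    if any(ord(c) < 0x20 for c in name) or "/" in name or "\\" in name:
        return None
    ext = os.path.splitext(os.path.basename(name))[1].lower()
    if ext not in ALLOWED_IMAGE_EXT:
        return None
    return secrets.token_hex(8) + ext


def is_server_executed(stored_name):
    """True if requesting the stored file would run it as a script rather
    than serve it as static content (given the illustrative extension list)."""
    if stored_name is None:
        return False
    return os.path.splitext(stored_name)[1].lower() in SERVER_EXECUTED_EXT


if __name__ == "__main__":
    for fn in ("exploit.php", "exploit.php%00.jpg", "avatar.jpg"):
        v = stored_name_vulnerable(fn)
        print(f"{fn:22} vulnerable -> {v!r:18} executed={is_server_executed(v)}"
              f"   fixed -> {stored_name_fixed(fn)!r}")
```

The hardened path also drops the original filename entirely: once the server chooses the name, there is nothing left for an obfuscated extension, a double extension or a path traversal sequence to act on, and the extension that is checked is exactly the one that is stored.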

