Logical Exploits Of Integer Overflow 2023

By XiaoXin
A Bit Randomly


Logical Exploits Of Integer Overflow

Note: An overflow test may cause the target server to go down, so you need to obtain authorization from the authorizing organization before testing.

  1. The range of int is -2147483648 to 2147483647. You can think of it as a loop: when the maximum value is exceeded, it restarts from 0.
  2. For example, 2147483649 = -2147483647. Sometimes the payment has no negative numbers, so the calculation starts from 0.
  3. When the payment amount is 2147483649, the payment amount becomes 1, that is, 2147483649 - 2147483648 = 1.
  4. When paying, you can change the amount directly to this value, and when testing a product you can also set the total price to this value: 2147483648 / item unit price + 1 = item quantity.
  5. The purpose of the above approach is simply to modify the payment amount or the quantity of purchased goods through integer overflow.
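
The wraparound from the steps above, next to a checked total calculation, as an added example that is not part of the original article. It assumes amounts are integers in the smallest currency unit; the function names and the `MAX_QTY` limit are hypothetical, and dropping the sign bit is one assumed way a field with no negative numbers turns 2147483649 into 1.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_QTY 10000 /* hypothetical per-order business limit */

/* Vulnerable pattern: a wide request value stored in a 32-bit int.
   Out-of-range conversion wraps modulo 2^32 on gcc/clang. */
int32_t narrow_to_int32(int64_t amount) {
    return (int32_t)(uint32_t)amount;
}

/* Assumed model of a field with no negative numbers: sign bit dropped. */
uint32_t drop_sign_bit(int64_t amount) {
    return (uint32_t)amount & 0x7FFFFFFFu;
}

/* Vulnerable total: the 64-bit product is narrowed without a range check. */
int32_t total_narrowed(int32_t unit_price, int32_t quantity) {
    return narrow_to_int32((int64_t)unit_price * quantity);
}

/* Hardened total: validate inputs, compute in 64 bits, reject on overflow. */
bool total_checked(int64_t unit_price, int64_t quantity, int32_t *out) {
    if (unit_price <= 0 || unit_price > INT32_MAX) return false;
    if (quantity <= 0 || quantity > MAX_QTY) return false;
    int64_t total = unit_price * quantity; /* both operands bounded, fits int64 */
    if (total > INT32_MAX) return false;
    *out = (int32_t)total;
    return true;
}

int main(void) {
    int32_t total = 0;
    /* Constructed sample: step 4's formula with a unit price of 1000. */
    int32_t qty = (int32_t)(2147483648LL / 1000 + 1);
    printf("narrowed amount: %d\n", narrow_to_int32(2147483649LL));
    printf("sign bit dropped: %u\n", drop_sign_bit(2147483649LL));
    printf("narrowed total: %d\n", total_narrowed(1000, qty));
    printf("total, sign bit dropped: %u\n", drop_sign_bit(1000LL * qty));
    bool ok = total_checked(1000, qty, &total);
    printf("checked total accepted: %d\n", ok);
    ok = total_checked(1000, 3, &total);
    printf("checked total accepted: %d, total %d\n", ok, total);
    return 0;
}
```

The checked version rejects the request instead of storing a wrapped value, so the amount charged always equals the amount computed.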