Web application security - the fast guide 1.1 | Page 109

Chapter 5 - Attack Execution the client

C. Release the altered request.

Example: http://testwebsite.com/buy/?pid=12&discount=4

In the previous example, changing the discount parameter directly from the address bar can change the discount on the product.

5.20 Only Client side validation

[Figure 43: client only validation attack. Flow shown: a legitimate request with valid values is sent from a web form that has client-only validation; the request is intercepted with a proxy like Burp; values are manipulated and malicious contents (SQL inj.) are added; the request is retransmitted with the malicious contents; with no server validation, a privileged response is sent to the client and/or malicious code is executed.]

Any JavaScript-based validation that is not backed by server-side validation can be manipulated and bypassed. An attacker might try to alter the allowed max length to enable free entry in the field. The attacker will disable the validation in the form to enable any type of cross-site scripting, SQL injection or memory overflow.

Attack requirement
- No server-side form validation.

Attack process
A. Using a proxy, capture the response containing the page with the form.
B. Alter the values to the values required to execute an attack such as SQL injection.
C. Alter the JavaScript validation by disabling it or by simply making it return valid whatever value is entered.
D. Release the altered response and submit the form.
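The server-side counterpart to the attack requirement above, as an added example that is not from the original book: every submitted field is re-validated on the server, the discount is read from the server's own record instead of the request, and values reach SQL only as bound parameters. The `customer` field, the table layout, the length limit and the sample prices are assumptions made for illustration; `pid` and `discount` come from the example URL.

```python
import re
import sqlite3

NAME_RE = re.compile(r"[A-Za-z][A-Za-z .'-]*")  # hypothetical rule for the customer field
MAX_NAME_LEN = 40  # the limit the form's maxlength would advertise, enforced again here

def make_db():
    # Constructed sample data: the server's catalogue holds the authoritative discount.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (pid INTEGER PRIMARY KEY, price_cents INTEGER, discount_pct INTEGER)")
    db.execute("INSERT INTO products VALUES (12, 2000, 4)")
    db.execute("CREATE TABLE orders (pid INTEGER, customer TEXT, total_cents INTEGER)")
    return db

def validate_order(params):
    """Return (clean, errors); every field is treated as attacker-controlled."""
    clean, errors = {}, []
    pid = params.get("pid", "")
    if isinstance(pid, str) and pid.isascii() and pid.isdigit() and len(pid) <= 9:
        clean["pid"] = int(pid)
    else:
        errors.append("pid")
    name = params.get("customer", "")
    if isinstance(name, str) and 0 < len(name) <= MAX_NAME_LEN and NAME_RE.fullmatch(name):
        clean["customer"] = name
    else:
        errors.append("customer")
    return clean, errors

def place_order(db, params):
    """Handle a submitted order; any client-supplied 'discount' is ignored."""
    clean, errors = validate_order(params)
    if errors:
        return {"status": 400, "errors": errors}
    row = db.execute(
        "SELECT price_cents, discount_pct FROM products WHERE pid = ?", (clean["pid"],)
    ).fetchone()
    if row is None:
        return {"status": 404, "errors": ["pid"]}
    price, discount = row  # discount comes from the server's record, never the request
    total = price * (100 - discount) // 100
    db.execute("INSERT INTO orders VALUES (?, ?, ?)", (clean["pid"], clean["customer"], total))
    return {"status": 200, "total_cents": total}
```

Because the checks run after the request has left the browser, they apply equally to requests altered in a proxy and to forms whose JavaScript validation has been removed.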