mirror of
https://github.com/tmoron/darkly.git
synced 2025-09-27 12:48:35 +02:00
20 lines
993 B
Markdown
20 lines
993 B
Markdown
# Client side validation bypass
|
|
|
|
## How We Found It
|
|
On the home page, there is a link to a survey page. this page has a list of subject, an average score and a number of vote. We can give a grade between 0 and 10.
|
|
But what if we change in the html page, the value of a score and put something bigger than 10, can we put a grade of 1000 ?
|
|
Yes we can, and we get a flag.
|
|
|
|
## Utility of It
|
|
This allows an attacker to:
|
|
- Submit invalid or malicious data (e.g., score > 10).
|
|
- Manipulate application logic (e.g., gain unfair advantage or retrieve flags).
|
|
- Potentially exploit further vulnerabilities if the data is used insecurely elsewhere (e.g., SQL injection, XSS).
|
|
|
|
|
|
## How Can We Patch It
|
|
- Validate all input on the server side regardless of client-side checks.
|
|
- Enforce boundaries (e.g., score must be between 0 and 10) on the backend.
|
|
- Use a schema validation library or built-in mechanisms to reject bad data.
|
|
- Never trust client-side data blindly — browsers can be manipulated.
|