This GitHub repository contains three logic flaw labs: 2FA Bypass, Business Logic Flaw, and Type Juggling. These labs were covered in my recent session at The Hackers Meetup in Ahmedabad in June 2023. Additionally, I have included my presentation PPT in the repository for your reference. To set up these labs on your system, please follow the instructions given below.
Logic flaws are errors in computer programs that occur when the logical reasoning within the program is flawed or incorrect. These flaws can lead to unintended and unexpected behavior, compromising the security and functionality of the program. Common logic flaws include improper validation of user input, incorrect conditional statements, and inadequate handling of exceptions. Hackers can exploit these flaws to gain unauthorized access, manipulate data, or disrupt the normal operation of a system. To prevent logic flaws, developers should carefully validate and sanitize user input, ensure correct and comprehensive conditional statements, and thoroughly test their code to identify and fix any logical errors. More details can be found in the presentation PPT.
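As an illustration of an incorrect conditional statement, here is a type juggling check next to its corrected form. This is an added example, not code from the labs in this repository; it assumes PHP (the language XAMPP serves), and the names `STORED_TOKEN`, `check_loose` and `check_strict` and all sample values are constructed for the illustration.

```php
<?php
declare(strict_types=1);

// Constructed sample value: a stored token that happens to look like
// scientific notation (0 x 10^n), so PHP treats it as a numeric string.
const STORED_TOKEN = '0e830400451993494058024219903391';

// Flawed check: when both operands are numeric strings, == compares
// them as numbers, so every value that evaluates to 0 is accepted.
function check_loose(string $stored, string $submitted): bool
{
    return $stored == $submitted;
}

// Corrected check: require a string, then compare the bytes exactly
// and in constant time. No numeric conversion takes place.
// $submitted is left untyped so that a non-string (for example an
// array from a JSON body) is rejected instead of raising a TypeError.
function check_strict(string $stored, $submitted): bool
{
    return is_string($submitted) && hash_equals($stored, $submitted);
}

// Constructed inputs: three numeric strings equal to zero, the real
// token, and an ordinary wrong guess.
$cases = ['0', '0e1', '00', STORED_TOKEN, 'wrong'];

foreach ($cases as $submitted) {
    printf(
        "%-34s loose=%-5s strict=%s\n",
        var_export($submitted, true),
        var_export(check_loose(STORED_TOKEN, $submitted), true),
        var_export(check_strict(STORED_TOKEN, $submitted), true)
    );
}
```

Only the exact token passes `check_strict`, while `check_loose` also accepts `'0'`, `'0e1'` and `'00'`. In code review, `==` or `!=` applied to tokens, hashes or one-time codes is the pattern to flag and replace with `===` or `hash_equals()`.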
- Download XAMPP.
- Install XAMPP and clone the repository into the htdocs folder located at *\xampp\htdocs.
- Start the Apache and MySQL modules in XAMPP.
- Access the lab by visiting 127.0.0.1 or localhost in your browser.