Forum Discussion

Wasfi_182818's avatar
Wasfi_182818
Icon for Nimbostratus rankNimbostratus
Feb 15, 2016
Solved

Parameter tampring of the parameter

Hi;

 

Why would the passing of parameter "nick" to the user_menu.php yield disclosing the details of user1's CC details?

 

http://10.10.200.10/user_menu.php?nick=student1

 

This may yield the following in the browser:

 

Name CC Email Address Phone number User1's 1234567812345678 xx@xxx.com xxxxx 12345678

 

I mean if parameter nick does not exist in the first place as an application URL parameter, why is the hacker ending up with the details of User1's CC?

 

Kindly Wasfi

 

ASM Advanced WAF
security
  • Ido_Breger_3805's avatar
    Ido_Breger_3805
    Feb 15, 2016

    Hi Wasfi, 'nick' is a valid parameter of the user_menu.php page and it does exist (the page is expecting this parameter). When the user_menu.php page is requested with the the 'nick' parameter and a value ('student1' in this case), the page displays the user menu of the username submitted as a value to the nick parameter. Within the user menu page, one can see his personal details like address, phone etc.

     

3 Replies

Sort By
  • Ido_Breger_3805's avatar
    Ido_Breger_3805
    Historic F5 Account
    Feb 15, 2016

    Hi Wasfi, 'nick' is a valid parameter of the user_menu.php page and it does exist (the page is expecting this parameter). When the user_menu.php page is requested with the the 'nick' parameter and a value ('student1' in this case), the page displays the user menu of the username submitted as a value to the nick parameter. Within the user menu page, one can see his personal details like address, phone etc.