Bugtraq mailing list archives
Re: Price modification in Element InstantShop
From: "Forrest J. Cavalier III" <mibsoft () mibsoftware com>
Date: Tue, 24 Oct 2000 14:12:11 -0400
[snip of exploit which manipulates HTML hidden form inputs]

Regrettably common, I think. This is just a reminder (with PHP3 code) that one simple technique to protect against this kind of tampering is to use a signature to validate the hidden values. In PHP3, it is as simple as using md5 with a secret, like this:

```php
<?php
$secret = "Some constant, unrevealed string.";   /* known only to the server */

/* On writing out the form */
echo "<INPUT TYPE=hidden NAME=price VALUE=\"$price\">";
echo "<INPUT TYPE=hidden NAME=hidden2 VALUE=\"$hidden2\">";
echo "<INPUT TYPE=hidden NAME=hidden3 VALUE=\"$hidden3\">";
/* The signature covers every hidden value plus the secret, so the client
   cannot recompute it after changing a value. */
echo "<INPUT TYPE=hidden NAME=hiddensig VALUE=\"" . md5($price . $hidden2 . $hidden3 . $secret) . "\">";

/* On reading in the form */
if (md5($price . $hidden2 . $hidden3 . $secret) != $hiddensig) {
    /* Tampering detected */
} else {
    /* Signature matches expected */
}
?>
```

Forrest J. Cavalier III, Mib Software
Voice 570-992-8824
http://www.rocketaware.com/ has over 30,000 links to source, libraries, functions, applications, and documentation.
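The same signed-hidden-field idea in Python, added here as an example and not part of the original post. It goes a little beyond the PHP3 snippet: values are length-prefixed before hashing so that concatenation cannot be ambiguous (for example "12"+"3" versus "1"+"23"), HMAC-SHA256 replaces md5 over data plus an appended secret, and the comparison is constant-time. The secret and the field values are constructed for the demonstration.

```python
import hashlib
import hmac
from html import escape

# Constructed secret for the demonstration; a real deployment would load a
# random key from configuration rather than a string committed with the code.
SECRET = b"constructed-demo-secret-not-for-production"


def canonical(fields):
    """Serialize (name, value) pairs unambiguously: each part is length-prefixed,
    so "12"+"3" and "1"+"23" no longer yield the same bytes as they would with
    plain concatenation."""
    out = b""
    for name, value in fields:
        for part in (name, value):
            raw = part.encode("utf-8")
            out += str(len(raw)).encode() + b":" + raw + b";"
    return out


def sign_fields(fields, secret=SECRET):
    """HMAC-SHA256 over the canonical form; a keyed MAC rather than a bare hash
    of data plus secret, so the construction is not open to length extension."""
    return hmac.new(secret, canonical(fields), hashlib.sha256).hexdigest()


def render_hidden_inputs(fields, secret=SECRET):
    """Emit the hidden inputs plus the signature field, HTML-escaping each value."""
    lines = [f'<input type="hidden" name="{escape(n)}" value="{escape(v)}">'
             for n, v in fields]
    lines.append(f'<input type="hidden" name="hiddensig" value="{sign_fields(fields, secret)}">')
    return "\n".join(lines)


def verify_fields(fields, submitted_sig, secret=SECRET):
    """Recompute the signature over the submitted values and compare in constant
    time; False means at least one value differs from what the server emitted."""
    return hmac.compare_digest(sign_fields(fields, secret), submitted_sig)


if __name__ == "__main__":
    original = [("price", "19.99"), ("sku", "WIDGET-42"), ("qty", "1")]
    sig = sign_fields(original)
    print(render_hidden_inputs(original))
    # A client that edits the price but resubmits the old signature is detected.
    tampered = [("price", "0.01"), ("sku", "WIDGET-42"), ("qty", "1")]
    print("original verifies:", verify_fields(original, sig))  # True
    print("tampered verifies:", verify_fields(tampered, sig))  # False
```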
Current thread:
- Price modification in Element InstantShop Zoa_Chien (Oct 25)
- <Possible follow-ups>
- Re: Price modification in Element InstantShop Forrest J. Cavalier III (Oct 25)
- Re: Price modification in Element InstantShop Glover, Mike (Oct 26)
- Re: Price modification in Element InstantShop JJ Halans (Oct 28)