In part 13 of Web Application Security 101 we cover various business logic security vulnerabilities that affect modern web applications.

Business Logic
Vulnerabilities in application-specific features.

Examples
Rounding Errors
Number Conversions

Rounding Errors
The type-less systems found in Python, Ruby, Perl, JavaScript and other languages can result in a rounding error.

# Python 2 syntax and semantics: "/" on two integers is integer division.
print 4000/5000           # 0
print 4000.0/5000         # 0.8
print round(4000/5000)    # 0.0
print round(4000.0/5000)  # 1.0

Number Conversions
Small numbers can be represented in more than one way.

# Both literals denote the same value and print the same result.
print 0.0005  # 0.0005
print 5e-4    # 0.0005
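
How both issues can surface in a payment feature, and one way to guard against them, as an added example that is not part of the original slides. It is written for Python 3; the function names, the percentage fee and the one-cent minimum are assumptions made for illustration.

```python
# Added example, not from the original slides. All names are hypothetical.
from decimal import Decimal, ROUND_HALF_UP
import re

CENT = Decimal("0.01")
# Exactly one accepted textual form: digits, optional 1-2 decimals.
# No sign, no exponent, no leading/trailing whitespace.
PLAIN_AMOUNT = re.compile(r"[0-9]{1,9}(\.[0-9]{1,2})?")


def fee_naive(amount_cents, rate_percent):
    # Integer division truncates, so small amounts are charged a fee of 0.
    return amount_cents * rate_percent // 100


def parse_amount_naive(text):
    # Checks the textual form, then converts. "5e-4" does not start with
    # "0.000", yet float() turns it into the same tiny value.
    if text.startswith("0.000"):
        raise ValueError("amount too small")
    return float(text)


def parse_amount_strict(text, minimum=CENT):
    # Allowlist a single canonical representation, convert to an exact
    # decimal, and compare the numeric value (not the string) to the floor.
    if not PLAIN_AMOUNT.fullmatch(text):
        raise ValueError("amount must look like 12 or 12.34")
    value = Decimal(text)
    if value < minimum:
        raise ValueError("amount below minimum")
    return value


def fee_strict(amount, rate_percent, minimum_fee=CENT):
    # Round once, with an explicit rounding mode, and never below the floor.
    fee = (amount * Decimal(rate_percent) / 100).quantize(
        CENT, rounding=ROUND_HALF_UP
    )
    return max(fee, minimum_fee)


if __name__ == "__main__":
    print(fee_naive(49, 2))                  # truncated fee
    print(parse_amount_naive("5e-4"))        # alternate form slips through
    print(fee_strict(parse_amount_strict("0.49"), 2))
```
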

Lab
Let's discover some business logic flaws.