• Home

  • Software

  • Web Application Security 101 - 13 Business Logic
5

Click here to load reader

Web Application Security 101 - 13 Business Logic

Embed Size (px)

DESCRIPTION

In part 13 of Web Application Security 101 we cover various business logic security vulnerabilities that effect modern web applications.

Citation preview

Page 1: Web Application Security 101 - 13 Business Logic

Business LogicVulnerabilities in application-specific features.

Page 2: Web Application Security 101 - 13 Business Logic

ExamplesRounding Errors

Number Conversions

Page 3: Web Application Security 101 - 13 Business Logic

Rounding ErrorsYou can see how the type-less systems such as those found in

Python, Ruby, Perl, JavaScript and other could result into a rounding

error.

print 4000/5000print 4000.0/5000print round(4000/5000)print round(4000.0/5000)

Page 4: Web Application Security 101 - 13 Business Logic

Number ConversionsSmall numbers can be represented in more than one way.

print 0.0005print 5e-4

Page 5: Web Application Security 101 - 13 Business Logic

LabLet's discover some business logic flaws.


Basic Security 101 - AlarmsBC presents alarm companies ... security 101.pdf · Basic Security 101. Overview • Components of an alarm system • Technology behind the equipment •

Basic Security 101 - AlarmsBC presents alarm companies ... security 101.pdf · Basic Security 101. Overview • Components of an alarm system • Technology behind the equipment •

Documents
Alert Logic Cloud Security Summit

Alert Logic Cloud Security Summit

Technology
PHP Security 101

PHP Security 101

Technology
Cyber security 101

Cyber security 101

Documents
101 Puzzles in Thought and Logic

101 Puzzles in Thought and Logic

Documents
Wordpress Security 101

Wordpress Security 101

Technology
Logic 101 lecture 2

Logic 101 lecture 2

Documents
AFI 31-101 Security

AFI 31-101 Security

Documents
Web Application Security 101

Web Application Security 101

Technology
Computer security 101 computer security 101 Eric Pancer Computer Security Response Team

Computer security 101 computer security 101 Eric Pancer Computer Security Response Team

Documents
Web Security 101

Web Security 101

Technology
Computer Science 101 Logic Gates and Simple Circuits

Computer Science 101 Logic Gates and Simple Circuits

Documents
IIS Security 101

IIS Security 101

Documents
WordPress Security & Backups 101

WordPress Security & Backups 101

Internet
Social Security 101

Social Security 101

Business
System Security Plans 101

System Security Plans 101

Technology
LOGIC 101: Introduction to Persuasive Methods. Errors in LOGIC (Logical Fallacies)

LOGIC 101: Introduction to Persuasive Methods. Errors in LOGIC (Logical Fallacies)

Documents
Security analysis of logic obfuscation - UCF Department …jinyier/courses/EEE4932/Papers_Final/Security... · 83 Security Analysis of Logic Obfuscation Jeyavijayan l~ajendrant, Youngok

Security analysis of logic obfuscation - UCF Department …jinyier/courses/EEE4932/Papers_Final/Security... · 83 Security Analysis of Logic Obfuscation Jeyavijayan l~ajendrant, Youngok

Documents
Computer security 101

Computer security 101

Technology
Mobile Security 101

Mobile Security 101

Technology
Security 101 - Presentation

Security 101 - Presentation

Documents
Security Exploit of Business Logic Flaws, Business Logic Attacks

Security Exploit of Business Logic Flaws, Business Logic Attacks

Technology
DSC 101: Security

DSC 101: Security

Documents
Enterprise security architecture 101

Enterprise security architecture 101

Business
101 Problemas y Juegos de Logic - El Pensador

101 Problemas y Juegos de Logic - El Pensador

Documents
Logic Model 101 - | learn24

Logic Model 101 - | learn24

Documents
Alert logic cloud security report

Alert logic cloud security report

Technology
Logo logic 101

Logo logic 101

Small Business & Entrepreneurship
SY0-101 CompTIA SY0-101 Security+ Version 24.0

SY0-101 CompTIA SY0-101 Security+ Version 24.0

Documents
Hardware Security and Logic Locking

Hardware Security and Logic Locking

Documents