Client Side | Client Side Filtering (3) | Cycubix Docs
No need to pay if you know the code …
Solution
Let's intercept the request with ZAP and see what we can find about the checkout code.
If we open the developer tools we will see that there are some checkout code's but they do not work.
Let's see what the source code say at https://github.com/WebGoat/WebGoat/blob/main/src/main/java/org/owasp/webgoat/lessons/clientsidefiltering/ClientSideFilteringFreeAssignment.java
We can see there is a SUPER_COUPON_CODE="get_it_for_free".
PreviousClient Side | Client Side Filtering (2) | Cycubix DocsNextClient Side | HTML Tampering | Cycubix Docs
Last updated