Bypassing a payment gateway for FUN 🙂
Good day ppl ! This is Gnana Aravind, with a new write-up on how I bypassed the payment gateway of a website and made my payment successfully without paying even a single penny.Lets get started…
Few lines about Payment Gateway
When we buy something online, the last part will be completing the payment. Websites use multiple methods to make this done, like you may have seen some companies like Paytm, Razorpay, etc., services while doing the process. To know further about how payment gateway works, refer the article below.
What is payment gateway? and How does it work?
A payment gateway is an online payments' service that, when integrated with the e-commerce platform, is devised as the…
While I was browsing on internet this website came in a add, basically they were selling magazines on electronics and emerging technologies. Other than cyber security am very much interested in Electronics and Robotics, so I planed to make a subscription for a year and started the process for buying it. While doing the payment, my hacker mind started imagining why not to try bypassing the payment or to tamper the value of price.
Jumping into the Bypass
So quickly I fired up the burp and started intercepting the requests, then noticed that the site was using Paytm as the payment gateway. Firstly I tried parameter tampering on the price value, but nothing worked out as it was having a check sum validation at the end. But when I noticed the requests and responses during the process, after tampering the value, the webapp was returning a response with status code “330” and there were some false parameters. So quickly, I started modifying the false parameters to positive parameters, for example changed the code from 330 to 200. Finally I modified the response from this(In below screenshot the parameter was STATUS=TXN_FAILURE)
to something like this
The payment was successful and got a receipt stating that the order is successful and got a invoice like the one below.
Now, I was just happy partially, coz the website was not having any VDP or Bug bounty Program. So I just sent a mail to the support mail id stating that I found a vulnerability on the website and they responded with the mail id of their IT team. Quickly I made a POC and reported it in a proper way.
After a couple of days they replied me and requested to guide them to solve the issue. I spent some time with them and finally the issue was fixed. As a token of appreciation they sent me a swag (Bluetooth speaker) and added me to the subscription list for the magazine for which I visited the website 😅.
PS : Am building a community called Cyberonics where we will be organizing free workshops and webinars. Follow here Cyberonics to get updated about the events.
Cheers and Byeee… Meet you in the next write-up. Follow here to read my write-ups without missing.