API Payments 06

This exercise covers a simple payments bypass.

< 1 Hr.
API Badge


In this challenge, you will explore a shopping application that uses a payment gateway to manage transactions. When clients check out, they are redirected to the payment gateway, which receives the total amount to be paid based on the items in the cart. Your task is to identify a method to manipulate the payment amount, allowing you to pay less and retrieve the key for the challenge.

The video demonstrates adding items to the cart, checking out, and intercepting the request to alter the payment values. By modifying the quantity and providing a float instead of an integral, you can reduce the total payment amount. This manipulation enables you to stay within a $10 limit and successfully complete the challenge by obtaining the key.

Want to learn more? Get started with PentesterLab Pro! GO PRO