How to change Html / Javascript values?

[OfficerDDoS]

Hey guys, 

 

how can i change values like the prices on cheap old Websites in a purchase request? Sometimes its easy to change it a little bit if it looks like this 

Please Login or Register to see this Hidden Content

but on many sites they're more hidden. I mostly get 0 results if i search the whole code on the value i want to inspect. 

[OfficerDDoS]

Any idea ? There is a Browseraddon where you can catch the request and just change the values but i forgot the name.

[Trees]

This kind of exploit is a relic of the early-mid 2000s before server-side validation was EZ to do. With the various payment frameworks, APIs, and additional offerings available today, no one is coding these kind of things by hand anymore.

 

The exact way this worked is based on how the payment system(s) conducted transactions, also due to bad configuration of buttons (think the old PayPal dono buttons). When a transaction went through for a specific item, the price wasn't taken into account, i.e. you could literally pay $0.01. And also this method usually involved instantly-available pay-to-download content like Videos, Audio/Music, Ebooks, etc, where the content needed to be available instantly.

 

Now-a-days, this is handled by multiple services communicating with each other through backend APIs to verify that the payment was completed, successful, and for the correct amount. At best, you will lose your money.

 

There are many tools that used to be used to do this. I believe the tool you are referring to was called TamperMonkey or TamperData or similar. You can try Fiddler or even just use inspect element (right click near element).

[OfficerDDoS]

This kind of exploit is a relic of the early-mid 2000s before server-side validation was EZ to do. With the various payment frameworks, APIs, and additional offerings available today, no one is coding these kind of things by hand anymore.

 

The exact way this worked is based on how the payment system(s) conducted transactions, also due to bad configuration of buttons (think the old PayPal dono buttons). When a transaction went through for a specific item, the price wasn't taken into account, i.e. you could literally pay $0.01. And also this method usually involved instantly-available pay-to-download content like Videos, Audio/Music, Ebooks, etc, where the content needed to be available instantly.

 

Now-a-days, this is handled by multiple services communicating with each other through backend APIs to verify that the payment was completed, successful, and for the correct amount. At best, you will lose your money.

 

There are many tools that used to be used to do this. I believe the tool you are referring to was called TamperMonkey or TamperData or similar. You can try Fiddler or even just use inspect element (right click near element).

 

It took me a while to read your post but man you helped me alot ^^. Ive usually just used "inspect Element" and tried to manipulate payment forms. But this works only for like 1% of the sites ive tested. Saw a yt video where IT Experts used a browser plugin or something to change the request and yea that could be tampermonkey ^^ not sure atm

 

but its good to know that this is just a super old method to configure payments on a website