What we introduce here is referenced from note by Alan, he mentioned that we better attack method is to use Burp Suite Intruder option Sniper mode, which is more close to real life scenario. Here we will walk through the process:

Goal: 

Perform Intruder attack to get the hotel client list with room info. 

Method: 

Try to use the off-by-one overflow vulnerability to perform overflow attack to collect client info 

Step by step Guide

1. Start Burp Suite Proxy and turn intercpt on, now Fill up the form with First/Last name and room number, click Submit to continue.


Off-by-One Overflow is the vulnerability due to programming error that with extra one or two bytes beyond an allowed buffer. 

Goal: 

Perform overflow attack to get the hotel client list with room info. 

Method: 

Try to use the off-by-one overflow vulnerability to perform overflow attack to collect client info 

Step by step Guide

1. From the resource code file OffByOne.java provided, we can see it has Off-by-One Overflow vulnerability. So we will overflow "param3" which is ROOM_NUMBER


Please publish modules in offcanvas position.