Access control 13 | Referer-based access control

Save
5 days ago
Technology Education

Did we help you today? Show us your love here:
https://buymeacoffee.com/TORHAT
Paytm: https://tinyurl.com/TORHAT

Want us to train you for courses and certifications?
https://hmcyberacademy.com/learners.html

Want to hire us or our students for VAPT or SOC?
https://hmcyberacademy.com/companies.html

This video is for Educational purposes only.
https://portswigger.net/web-security/access-control
https://portswigger.net/web-security/access-control/lab-referer-based-access-control

Steps to solve:
1. Login to admin user. Go to admin panel, upgrade carlos user. Send that request to repeater.
2. Logout as admin and login as wiener. Copy session cookie of wiener.
3. Go to repeater and change the session cookie of admin with session cookie of wiener.
4. Change the parameter as username=wiener.
5. Send the request.

Socials:
Whatsapp: https://chat.whatsapp.com/JEWGrpUOqXxGYZas9901Ib?mode=wwc
Linkedin: https://www.linkedin.com/company/hmcyberacademy
Twitter: https://twitter.com/hmcyberacademy
Telegram Group: https://t.me/+a9nwT9mdgeJhMDA1
Instagram: https://www.instagram.com/hmcyberacademy/
Discord: https://discord.com/invite/caMKZRBjty
Rumble: https://rumble.com/c/hmcyberacademy
Email: [email protected]

#hmcyberacademy #portswigger #Cybersecurity #EthicalHacking #HackingLab #SecurityChallenge #CTF (Capture The Flag) #Infosec #WebSecurity #CyberChallenge #BugBounty #CaptureTheFlag #HackingChallenge #HackMe #SecurityTraining #password #accesscontrol #DebugPage #bugbounty #bugbountyhunter #bugbountytips #bugbounty #bugbountyhunter #bugbountytips

Loading comments...