Lab #1 Unprotected admin functionality

In this video, we cover Lab #1 in the Access Control Vulnerabilities module of the Web Security Academy. This lab has an unprotected admin panel. To solve the lab, we exploit the access control vulnerability to access the admin panel and delete the user carlos.


▬ 🔗 Links 🔗 ▬▬▬▬▬▬▬▬▬▬

Notes.txt document: https://github.com/rkhal101/Web-Security-Academy-Series/blob/main/broken-access-control/lab-01/notes.txt

Python script: https://github.com/rkhal101/Web-Security-Academy-Series/blob/main/broken-access-control/lab-01/access-control-lab-01.py

Web Security Academy Exercise Link: https://portswigger.net/web-security/access-control/lab-unprotected-admin-functionality

Rana's Twitter account: https://twitter.com/rana__khalil
