Lab 5: User ID controlled by request parameter, with unpredictable user IDs
I entered the site and logged in with the credentials given to me.
The first thing that stood out to me was the API key.
After getting this, I decided that it was best to look at the request with Burp Suite.
After doing this, I went to all the posts and checked that the blog ID had a reference to the user ID and that I could change this ID to gain access to other users.
After doing it with Admin, I found a post by Carlos that had a reference to his account and used it.
Here is Carlos's account and the API key.
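As an added example that is not part of this write-up: the pattern the lab exercises, a my-account request that trusts its id parameter, modelled in plain Python beside the server-side ownership check that fixes it, plus a log check a defender can run to spot one session reading several accounts. The user ids, API keys and log lines are constructed for the example.

```python
import re
from collections import defaultdict

# Constructed store: ids are unguessable GUID-style strings, as in this lab.
WIENER = "3f9c1c2a-7e14-4d6b-9b1e-0b2d8c4f1a77"
CARLOS = "a1b2c3d4-e5f6-4a7b-8c9d-0e1f2a3b4c5d"
USERS = {
    WIENER: {"name": "wiener", "api_key": "wiener-key-CONSTRUCTED"},
    CARLOS: {"name": "carlos", "api_key": "carlos-key-CONSTRUCTED"},
}

class Forbidden(Exception):
    pass

def my_account_vulnerable(session, params):
    """Lab behaviour: the id parameter alone selects the account, so any id
    that leaks (for example in a post's author link) exposes that account."""
    return USERS[params["id"]]

def my_account_fixed(session, params):
    """Fix: resolve the account from the session; a supplied id is accepted only
    if it matches the logged-in user. Unpredictable ids are not the control."""
    session_uid = session.get("user_id")
    if session_uid is None:
        raise Forbidden("not logged in")
    if params.get("id", session_uid) != session_uid:
        raise Forbidden("id does not belong to the session user")
    return USERS[session_uid]

def is_forbidden(handler, session, params):
    """True when the handler refuses the request."""
    try:
        handler(session, params)
    except Forbidden:
        return True
    return False

# Constructed access-log lines; session s1 reads two different accounts.
LOG_LINES = [
    f"sid=s1 GET /my-account?id={WIENER} 200",
    f"sid=s1 GET /my-account?id={CARLOS} 200",
    f"sid=s2 GET /my-account?id={CARLOS} 200",
]
LOG_RE = re.compile(r"sid=(\S+) GET /my-account\?id=(\S+)")

def sessions_reading_multiple_ids(lines):
    """Detection: sessions that requested more than one distinct account id."""
    seen = defaultdict(set)
    for line in lines:
        m = LOG_RE.search(line)
        if m:
            seen[m.group(1)].add(m.group(2))
    return sorted(sid for sid, ids in seen.items() if len(ids) > 1)
```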