Lab 8: Bypassing 2FA
I got two usernames and passwords.
- My credentials:
wiener:peter
- Victim's credentials
carlos:montoya
I started by testing the first one to see how it worked and what pages I could access when logged in to then try to access those pages
I am now gonna try to use IDOR to change the reference to Carlos to see if it would allow me but it didn’t.
At this point, I still think that I might be able to change into Carlos.
As I was logging into Carlos i used the reference to then change to Carlos.
Comments
Post a Comment