Sitemap
Open in app

Sign in

Medium Logo
Write

Sign in

Mastodon
Infosec Matrix

Collection of Best Writeups for HackTheBox, Portswigger, Bug Bounty, TryHackme, OverTheWire, PwnCollege, PicoCTF, and More.

23.4 Lab: User ID controlled by request parameter with data leakage in redirect | 2023

Karthikeyan Nagaraj
1 min readNov 17, 2023

--

Description

This lab contains an access control vulnerability where sensitive information is leaked in the body of a redirect response.

To solve the lab, obtain the API key for the user carlos and submit it as the solution.

You can log in to your own account using the following credentials: wiener:peter

Solution

  1. Log In to wiener Account
  2. Turn on Foxy Proxy and turn on the Intercept
  3. In the URL change the Username from wiener to carlos
  4. Capture that Request and send it to Repeater
  5. Now, send the Request, and in the Response, you can see that the API key carlos is disclosed

If you would like to support me so that I can create more free content — https://www.buymeacoffee.com/cyberw1ng

Thank you for Reading!

Happy Hacking ~

Author: Karthikeyan Nagaraj ~ Cyberw1ng

Telegram Channel for Ethical Hacking Dumps — https://t.me/ethicalhackingessentials

Cybersecurity
Security
Careers
Penetration Testing
Bug Bounty

--

--

Infosec Matrix
Infosec Matrix

Published in Infosec Matrix

688 followers
Last published 5 days ago

Collection of Best Writeups for HackTheBox, Portswigger, Bug Bounty, TryHackme, OverTheWire, PwnCollege, PicoCTF, and More.

Karthikeyan Nagaraj
Karthikeyan Nagaraj

Written by Karthikeyan Nagaraj

12.2K followers
1 following

Entrepreneur | Writer | Cyber Security Consultant | AI Researcher TopMate - https://topmate.io/cyberw1ng

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Rules

Terms

Text to speech