Unprotected admin functionality with unpredictable URL

https://portswigger.net/web-security/access-control/lab-user-role-controlled-by-request-parameter

Level: Apprentice

  • In this lab we need to find the hidden location of an admin directory somewhere on the site; a little recon of the page is enough to locate the admin's hidden directory.

  • The main page contains JavaScript that declares a variable and, if that variable is true, renders an "Admin Panel" link pointing to a directory called "/admin-25cle9". The link is only shown to admins, but the path itself sits in the page source for any visitor to read.

  • Let's take a look at the hidden admin directory.

Finally, we get inside the admin panel and delete the user Carlos.
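The weakness the lab demonstrates is that the admin route relied on its URL being hard to guess while the URL was shipped to every visitor in inline JavaScript. Below is an added example (not the lab's or PortSwigger's code) showing two defender-side checks: a small scanner that finds admin-looking paths quoted inside a page's `<script>` blocks, and the same route served first with no authorization (the lab's bug) and then with a server-side role check. The sample HTML, the `ObscureOnlyApp`/`HardenedApp` classes and the session dicts are all constructed for this example.

```python
"""Added example for the lab writeup above (not the lab's or PortSwigger's code).

  1. find_leaked_admin_paths(): scan a page's inline JavaScript for the
     obscure admin URL that a client-side flag would otherwise reveal.
  2. ObscureOnlyApp vs HardenedApp: the same route served with no server-side
     authorization (the lab's bug) and with a real role check.
All names, the sample HTML and the session dicts are constructed for the example.
"""
import re

# Constructed homepage resembling what the writeup describes: a JS variable gates
# only the *link*; the path itself is still in the page source for anyone to read.
SAMPLE_HOMEPAGE = """<html><body>
<section class="top-links"><a href="/">Home</a></section>
<script>
var isAdmin = false;
if (isAdmin) {
   var topLinksTag = document.getElementsByClassName("top-links")[0];
   var adminPanelTag = document.createElement('a');
   adminPanelTag.setAttribute('href', '/admin-25cle9');
   adminPanelTag.innerText = 'Admin panel';
   topLinksTag.append(adminPanelTag);
}
</script>
</body></html>"""

SCRIPT_RE = re.compile(r"<script[^>]*>(.*?)</script>", re.S | re.I)
ADMIN_PATH_RE = re.compile(r"""['"](/admin[^'"\s]*)['"]""")


def find_leaked_admin_paths(html: str) -> list[str]:
    """Return admin-looking paths quoted inside inline <script> blocks.

    Run this against your own pages: any hit means the 'unpredictable' URL is
    delivered to every visitor, so obscurity is not protecting the endpoint.
    """
    found: list[str] = []
    for script in SCRIPT_RE.findall(html):
        for path in ADMIN_PATH_RE.findall(script):
            if path not in found:
                found.append(path)
    return found


def admin_panel(session: dict) -> tuple[int, str]:
    """The privileged page itself; both apps below route to it."""
    return 200, f"admin panel (logged in as {session.get('user', 'anonymous')})"


class ObscureOnlyApp:
    """Vulnerable pattern: the only 'protection' is that the path is hard to guess."""

    ADMIN_PATH = "/admin-25cle9"

    def handle(self, path: str, session: dict) -> tuple[int, str]:
        if path == self.ADMIN_PATH:
            return admin_panel(session)  # no authorization check at all
        return 404, "not found"


class HardenedApp:
    """Fixed pattern: authorization is decided server-side from the session.

    The path may stay obscure, but it no longer matters if it leaks.
    """

    ADMIN_PATH = "/admin-25cle9"

    def handle(self, path: str, session: dict) -> tuple[int, str]:
        if path == self.ADMIN_PATH:
            if session.get("role") != "administrator":
                # 403 here; answering 404 instead is also reasonable if you
                # prefer not to confirm that the route exists.
                return 403, "forbidden"
            return admin_panel(session)
        return 404, "not found"


if __name__ == "__main__":
    print("leaked paths:", find_leaked_admin_paths(SAMPLE_HOMEPAGE))
    low_priv = {"user": "wiener", "role": "user"}
    for app in (ObscureOnlyApp(), HardenedApp()):
        print(type(app).__name__, app.handle("/admin-25cle9", low_priv))
```

Running the script shows the scanner pulling `/admin-25cle9` out of the inline script, `ObscureOnlyApp` serving the panel to a low-privilege session, and `HardenedApp` refusing it; the fix is the role check, not a longer random suffix.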
