User ID controlled by request parameter, with unpredictable user IDs
https://portswigger.net/web-security/access-control/lab-user-id-controlled-by-request-parameter-with-unpredictable-user-ids
Level: Apprentice
In this lab we need to get access to the API Key of Carlos again.
If you try to access another user's account by changing the id parameter to Carlos, you will not see anything interesting.
Users are now identified by a random number.
Doing some recon on the posts on the page, you will find that you can see another user's random ID number by clicking on one of that user's posts.
Copy the userid from one of the posts by user Carlos. Paste the user id from the post into your my-account userid and you will see that you are logged into the account of Carlos, which completes the lab.
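Why the random identifier does not protect the account page, shown as an added example that is not part of the original write-up or the lab's own code: a simulated my-account handler that trusts the id parameter, next to one that checks it against the logged-in session. The user data, API keys, function names and the audit log are constructed for illustration.

```python
import uuid

# Constructed sample data: user names, GUIDs and API keys are made up for this example.
USERS = {
    "wiener": {"id": str(uuid.uuid4()), "api_key": "constructed-key-wiener"},
    "carlos": {"id": str(uuid.uuid4()), "api_key": "constructed-key-carlos"},
}
NAME_BY_ID = {u["id"]: name for name, u in USERS.items()}

# Constructed blog post: it carries the author's userid, as the posts in the lab do.
POSTS = [{"title": "Sample post", "author": "carlos", "userid": USERS["carlos"]["id"]}]

AUDIT_LOG = []  # denied requests, kept so that probing of other users' ids is visible


def public_userid(author):
    """Return the userid any visitor can read from the author's posts."""
    return next(p["userid"] for p in POSTS if p["author"] == author)


def my_account_vulnerable(session_user, requested_id):
    """Flawed handler: looks up the account by the id parameter alone."""
    name = NAME_BY_ID.get(requested_id)
    if session_user is None or name is None:
        return 404, None
    return 200, USERS[name]["api_key"]


def my_account_fixed(session_user, requested_id):
    """Hardened handler: the id must belong to the user bound to the session."""
    if session_user not in USERS:
        return 401, None
    if requested_id != USERS[session_user]["id"]:
        AUDIT_LOG.append({"session": session_user, "requested_id": requested_id})
        return 403, None
    return 200, USERS[session_user]["api_key"]


if __name__ == "__main__":
    carlos_id = public_userid("carlos")
    print("vulnerable:", my_account_vulnerable("wiener", carlos_id))
    print("fixed:     ", my_account_fixed("wiener", carlos_id))
    print("own account:", my_account_fixed("wiener", USERS["wiener"]["id"]))
    print("audit log entries:", len(AUDIT_LOG))
```

The identifier is unguessable but not secret, so the server-side ownership check is what closes the hole; the denied request is also recorded, which gives defenders a signal when one session asks for another user's id.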