Password reset broken logic
https://portswigger.net/web-security/authentication/other-mechanisms/lab-password-reset-broken-logic
Level: Apprentice
The goal of this lab is basically to reset another user's password.
So, let's go straight to it.
Click on the Forgot Password link.
I went through the usual password reset process for my account.
Start intercepting literally every request to do some recon.
Finally, I found something interesting in the parameters and info we are passing once we submit our new password.
There is a username parameter; if we change it to the user Carlos, we can change his password using my own new password form.
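
The root cause is that the server takes the target account from a client-supplied field. As an added example (not code from the lab or from this write-up), the Python sketch below contrasts that broken handler with one that derives the account only from the server-side token record. The in-memory stores, function names and form fields (`token`, `username`, `new_password`) are assumptions.

```python
import hashlib
import secrets
import time

# Constructed in-memory stores standing in for a real database (assumption).
# Passwords are kept in plain text only to keep the example short.
USERS = {"wiener": "old-pw-1", "carlos": "old-pw-2"}
RESET_TOKENS = {}  # sha256(token) -> (username, expiry timestamp)
TOKEN_TTL = 900    # seconds a reset link stays valid


def _digest(token):
    # Only a hash of the token is stored, so a leaked table is not replayable.
    return hashlib.sha256(token.encode()).hexdigest()


def issue_reset_token(username, now=None):
    """Create a single-use token bound server-side to one account."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    RESET_TOKENS[_digest(token)] = (username, now + TOKEN_TTL)
    return token


def reset_vulnerable(form):
    """Broken logic: the account to change comes from a client-supplied field."""
    if form.get("username") not in USERS:
        return False
    USERS[form["username"]] = form["new_password"]
    return True


def reset_hardened(form, now=None):
    """The account comes only from the token record; the token is consumed."""
    now = time.time() if now is None else now
    record = RESET_TOKENS.pop(_digest(form.get("token", "")), None)
    if record is None:
        return False  # unknown, missing or already used token
    username, expires = record
    if now > expires:
        return False  # expired token
    if form.get("username", username) != username:
        return False  # tampered field: reject and log, never trust it
    USERS[username] = form["new_password"]
    return True
```

A rejected mismatch between the submitted `username` and the token's owner is also a useful detection signal to log and alert on.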