Categoría: Portswigger Lab writeup

Authentication bypass via OAuth implicit flow

Descripción This lab uses an OAuth service to allow users to log in with their social media account. Flawed validation by the client application makes it possible for an attacker to log in to other users’ accounts without knowing their password. To solve the lab, log in to Carlos’s account. His email address is carlos@carlos-montoya.net. You […]

Authentication bypass via encryption oracle

Descripción This lab contains a logic flaw that exposes an encryption oracle to users. To solve the lab, exploit this flaw to gain access to the admin panel and delete the user carlos. You can log in to your own account using the following credentials: wiener:peter Authentication bypass via encryption oracle writeup Al entrar al laboratorio veremos […]

Authentication bypass via flawed state machine

Descripción This lab makes flawed assumptions about the sequence of events in the login process. To solve the lab, exploit this flaw to bypass the lab’s authentication, access the admin interface, and delete the user carlos. You can log in to your own account using the following credentials: wiener:peter Authentication bypass via flawed state machine writeup Al […]

Insufficient workflow validation

Descripción This lab makes flawed assumptions about the sequence of events in the purchasing workflow. To solve the lab, exploit this flaw to buy a «Lightweight l33t leather jacket». You can log in to your own account using the following credentials: wiener:peter Insufficient workflow validation writeup Accederemos al laboratorio e iniciaremos sesión en ‘My account’ con […]

Weak isolation on dual-use endpoint

Descripción This lab makes a flawed assumption about the user’s privilege level based on their input. As a result, you can exploit the logic of its account management features to gain access to arbitrary users’ accounts. To solve the lab, access the administrator account and delete the user carlos. You can log in to your own account using […]

Inconsistent handling of exceptional input

Descripción This lab doesn’t adequately validate user input. You can exploit a logic flaw in its account registration process to gain access to administrative functionality. To solve the lab, access the admin panel and delete the user carlos. Inconsistent handling of exceptional input writeup En este caso nos encontramos ante un ataque por truncamiento. Vamos a […]

Low-level logic flaw

Descripción This lab doesn’t adequately validate user input. You can exploit a logic flaw in its purchasing workflow to buy items for an unintended price. To solve the lab, buy a «Lightweight l33t leather jacket». You can log in to your own account using the following credentials: wiener:peter Low-level logic flaw writeup Añadiremos el producto al […]

Flawed enforcement of business rules

Descripción This lab has a logic flaw in its purchasing workflow. To solve the lab, exploit this flaw to buy a «Lightweight l33t leather jacket». You can log in to your own account using the following credentials: wiener:peter Flawed enforcement of business rules writeup Al entrar veremos una tienda online que nos ofrece el cupón de […]

Inconsistent security controls

Descripción This lab’s flawed logic allows arbitrary users to access administrative functionality that should only be available to company employees. To solve the lab, access the admin panel and delete the user carlos. Inconsistent security controls writeup Al entrar en el laboratorio veremos una tienda online. Añadiremos a la URL (/admin) para acceder al panel de […]

High-level logic vulnerability

Descripción This lab doesn’t adequately validate user input. You can exploit a logic flaw in its purchasing workflow to buy items for an unintended price. To solve the lab, buy a «Lightweight l33t leather jacket». You can log in to your own account using the following credentials: wiener:peter High-level logic vulnerability writeup Entramos en ‘My account’ […]