Introduction
Hello friends, how are you all? Today we continue our series of articles on access control vulnerabilities; this is our second article on the subject. In this article we cover the lab “Unprotected admin functionality with unpredictable URL” from PortSwigger Web Security, with a complete step-by-step practical walkthrough to help you understand it better.
Lab Description Of Unprotected admin functionality with unpredictable URL
In this lab, our objective is to find the admin panel and delete Carlos’ account. Unlike the previous lab, however, the admin panel URL is not disclosed in the robots.txt file.
Lab Solution
In this lab, we need to read the application’s source code to find the admin panel, and then use it to delete Carlos’ account.
The lab appears as follows. Right-click on the page and select “View Page Source” to open the source code.
When I searched the source code for “admin”, I found the path of the admin panel. In a real engagement you would need to read the entire source, since the reference might not be labelled so conveniently.
As you can see, when I appended the admin panel path to the lab’s URL, I gained access to the admin panel. No authentication or authorization check is performed: the only “protection” is that the path is hard to guess, and once it is disclosed in the page source, anyone can reach the admin functionality directly.
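To show why the obscure path gives no real protection, here is an added example (not code from the lab or from PortSwigger) of a tiny dispatcher with the admin “delete user” handler in two forms: the unprotected version that mirrors the lab’s flaw, and a hardened version where the handler itself enforces an administrator role on every request. The path, user names and roles are constructed placeholders.

```python
from dataclasses import dataclass, field
from functools import wraps
from typing import Callable, Optional

# Constructed placeholder; the lab's real path is only in its page source.
OBSCURE_ADMIN_PATH = "/admin-EXAMPLE-PLACEHOLDER"


@dataclass
class Request:
    path: str
    params: dict = field(default_factory=dict)
    user: Optional[dict] = None  # None means no authenticated session


@dataclass
class Response:
    status: int
    body: str = ""


def require_role(role: str) -> Callable:
    """Authorization enforced inside the handler, independent of how the URL was found."""
    def decorator(handler):
        @wraps(handler)
        def wrapper(req: Request) -> Response:
            if req.user is None:
                return Response(401, "login required")
            if req.user.get("role") != role:
                return Response(403, "forbidden")
            return handler(req)
        return wrapper
    return decorator


def make_app(protect_admin: bool):
    """Build a minimal app. protect_admin=False reproduces the lab's flaw (obscurity only)."""
    users = {"wiener": "user", "carlos": "user", "administrator": "administrator"}

    def delete_user(req: Request) -> Response:
        username = req.params.get("username", "")
        if users.pop(username, None) is None:
            return Response(404, "no such user")
        return Response(200, f"deleted {username}")

    handler = require_role("administrator")(delete_user) if protect_admin else delete_user
    routes = {OBSCURE_ADMIN_PATH + "/delete": handler}

    def dispatch(req: Request) -> Response:
        h = routes.get(req.path)
        return h(req) if h else Response(404, "not found")

    return dispatch, users
```

The same anonymous request that removes Carlos in the unprotected app is rejected with 401 in the hardened one, and a logged-in non-admin gets 403; the secrecy of the path plays no part in the decision.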
Now, we will solve the lab by deleting Carlos’ account.
As you can see, I have successfully deleted Carlos’ account, and our lab is now solved.
You can learn everything related to web security on our website. We upload the latest articles on web security topics daily, so stay with us.
Feel free to follow me on Twitter @masaudsec.
We have successfully solved the PortSwigger Web Security lab Unprotected admin functionality with unpredictable URL. Congratulations!
To continue studying, check out the next lab, User Role Controlled By Request Parameter, but make sure you have finished the current lab before moving on. Good Luck!
FAQs
Website security refers to protecting a website or web application from cyberattacks, unauthorized access, or other security threats.
Web application security means protecting a website from cyberattacks. These attacks may include vulnerabilities such as SQL injection, XSS, file inclusion, and others.
It is always good practice to use an up-to-date browser and install updates promptly. Keep your browser plugins up to date, avoid malicious websites and links, enable two-factor authentication wherever it is offered, and be wary of pages that could be used for clickjacking.
Searching for someone’s social security number or credit card information on the dark web is illegal and unethical. It is important to always avoid such activities and protect yourself and others from cyber threats.