Hello guys, how are you all? Today we continue our series on access control vulnerabilities; this is our 10th article on the topic. In this article, I will cover the PortSwigger Web Security lab ‘URL-based access control can be circumvented’ and provide a complete step-by-step practical guide to solving it.
Lab description: URL-based access control can be circumvented
The lab has an admin panel at ‘/admin.’ The front-end system has been configured to block external users from it, so only internal users are supposed to reach it. However, the back-end application behind the front-end supports the ‘X-Original-URL’ header, which tells the back-end which URL to serve regardless of the path the front-end saw. To solve this lab, we need to access the admin panel and delete Carlos’ account.
First, access the lab. You can also find the Admin panel link in the lab’s menu.
When I clicked on the admin panel, it blocked me because I am an external user.
Next, go to the lab’s page and intercept its request. At the end of the request headers, add ‘X-Original-URL: /invalid.’ A ‘not found’ response for a path the front-end would otherwise have served confirms that the back-end is honouring the header.
Now remove ‘/invalid’ and replace it with ‘/admin.’ The front-end only sees a request for the original path, so it forwards it, and the back-end serves the admin panel.
Now use ‘/admin/delete’ in the same way to delete Carlos’ account, and the PortSwigger Web Security lab ‘URL-based access control can be circumvented’ will be solved.
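To make the root cause and the fix concrete, here is an added example that is not part of the lab or the original post. It models the front-end/back-end split the lab describes in a few Python functions: a front-end that denies ‘/admin’ by path, a back-end that routes on the ‘X-Original-URL’ header, and two defensive fixes (enforcing authorization in the back-end on the path it actually serves, and stripping client-supplied override headers at the proxy). The request model, the ‘administrator’ user name and the ‘X-Rewrite-URL’ header listed alongside are all constructed for illustration.

```python
"""Model of a path-based front-end block bypassed via X-Original-URL, with fixes.

Added example; the Request class, route table and user names are constructed
for illustration and are not the lab's real implementation.
"""
from dataclasses import dataclass, field
from typing import Dict, Optional

# Override headers that some back-ends honour for URL rewriting. X-Original-URL
# is the one the lab names; X-Rewrite-URL is an assumed further example of the
# same class and is only listed here so the proxy fix strips both.
OVERRIDE_HEADERS = ("x-original-url", "x-rewrite-url")


@dataclass
class Request:
    path: str                                   # path as seen by the front-end
    headers: Dict[str, str] = field(default_factory=dict)
    user: str = "anonymous"                     # identity from the back-end session

    def header(self, name: str) -> Optional[str]:
        """Case-insensitive header lookup, as HTTP header names are."""
        return {k.lower(): v for k, v in self.headers.items()}.get(name.lower())


def route(path: str) -> str:
    """Constructed route table standing in for the application's handlers."""
    if path == "/":
        return "200 home"
    if path == "/admin":
        return "200 admin panel"
    if path.startswith("/admin/delete"):
        return "200 user deleted"
    return "404 not found"


def front_end(req: Request) -> Optional[str]:
    """Front-end rule: deny /admin by path (the lab's external-user block,
    modelled as a flat deny). Returns a response if it blocks, else None."""
    if req.path.startswith("/admin"):
        return "403 front-end: access denied"
    return None


def vulnerable_back_end(req: Request) -> str:
    """Vulnerable pattern: the override header replaces the routed path and the
    back-end performs no authorization of its own, so the front-end rule,
    which only ever saw req.path, is the sole gate."""
    effective = req.header("X-Original-URL") or req.path
    return route(effective)


def hardened_back_end(req: Request) -> str:
    """Fix 1: authorize on the path the back-end actually serves, whoever
    supplied it. The override header can then no longer widen access."""
    effective = req.header("X-Original-URL") or req.path
    if effective.startswith("/admin") and req.user != "administrator":
        return "403 back-end: access denied"
    return route(effective)


def strip_override_headers(req: Request) -> Request:
    """Fix 2 (proxy side): drop client-supplied override headers before
    forwarding, so only the proxy's own rewrites could ever be honoured."""
    cleaned = {k: v for k, v in req.headers.items() if k.lower() not in OVERRIDE_HEADERS}
    return Request(req.path, cleaned, req.user)


def is_suspicious(req: Request) -> bool:
    """Detection hint: an override header arriving from an external client is
    not something a browser sends on its own and is worth logging or alerting on."""
    return any(req.header(h) is not None for h in OVERRIDE_HEADERS)


def handle(req: Request, back_end, strip: bool = False) -> str:
    """Full request path: front-end check, optional header stripping, back-end."""
    blocked = front_end(req)
    if blocked:
        return blocked
    if strip:
        req = strip_override_headers(req)
    return back_end(req)


if __name__ == "__main__":
    probe = Request("/", {"X-Original-URL": "/admin"})
    print("direct /admin:      ", handle(Request("/admin"), vulnerable_back_end))
    print("vulnerable + header:", handle(probe, vulnerable_back_end))
    print("hardened back-end:  ", handle(probe, hardened_back_end))
    print("stripped at proxy:  ", handle(probe, vulnerable_back_end, strip=True))
    print("suspicious?         ", is_suspicious(probe))
```

The first fix is the one that matters most: a path-based rule in a front-end component is defence in depth, not authorization, and the component that actually serves ‘/admin’ must check the user’s role itself. Stripping override headers at the proxy closes this particular route but leaves any other way of reaching the back-end directly unprotected.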
You can learn everything related to web security on our website. We upload the latest articles on web security topics on a daily basis, so stay with us.
To continue studying, check out the next lab, ‘Method-based access control can be circumvented,’ but cover the current lab before moving on to the next one. Good luck!
Website security refers to protecting a website or web application from cyberattacks, unauthorized access, or other security threats.
Web application security means protecting a website from cyberattacks. These attacks may include vulnerabilities such as SQL injection, XSS, file inclusion, and others.
It is always good practice to use an up-to-date browser and apply updates promptly. Keep your browser plugins up to date, avoid malicious websites and links, always enable two-factor authentication, and be aware of clickjacking.
Searching for someone’s social security number or credit card information on the dark web is illegal and unethical. Always avoid such activities and protect yourself and others from cyber threats.