Introduction
Hello friends, how are you? Today we are going to write a hands-on article on access control vulnerabilities. This is our 4th article on access control vulnerabilities. In this article, we will cover the PortSwigger Web Security lab “User role can be modified in user profile” with a complete step-by-step practical walkthrough.
Lab Description Of User role can be modified in user profile
In this lab, we have an admin panel available at the /admin endpoint. The application stores data in JSON format. To put it simply, only users with a role ID of 2 can access the admin panel. To solve this lab, we need to access the admin panel and delete the carlos account.
We have already been provided with our account credentials. The username is “wiener” and the password is “peter”.
To solve the lab, we first need to open it. After opening the lab, we log in with the account credentials above. Once logged in, we will find an option to change our email. Open Burp Suite and connect your browser to its proxy. Before clicking the email update button, enable Intercept, then submit the update and capture the intercepted request.
So I intercepted the request while updating the email, right-clicked on the intercepted request and selected “Send to Repeater”.
I modified the JSON request body as follows:
{"email":"test@test.com", "roleid":2}
As you can see, the role ID in the response has been changed to 2. Now, let’s check in the browser whether we have become an admin user.
We have successfully become an admin user. Now, we need to delete the carlos account so that the lab is solved.
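The root cause here is that the profile-update handler copies every key from the client's JSON body into the stored user record, so a client-supplied "roleid" overwrites the server-controlled role. The following is an added example (not the lab's own code): a Python sketch of that flawed handler beside a hardened version that only applies an allow-list of self-editable fields and reports the rejected keys so they can be logged and alerted on. The sample user record, its email and the normal-user role ID of 1 are constructed assumptions; the page only states that role ID 2 is admin.

```python
import json
from typing import Any

# Role ID that the lab treats as admin (from the lab description).
ADMIN_ROLE_ID = 2

# Fields a user may change about their own profile. Everything else,
# including "roleid", is server-controlled and must never come from the body.
SELF_EDITABLE_FIELDS = frozenset({"email"})

# Constructed sample record; roleid 1 for a normal user is an assumption.
SAMPLE_USER = {"username": "wiener", "email": "wiener@example.com", "roleid": 1}
# The request body used in the walkthrough above.
SAMPLE_REQUEST = '{"email":"test@test.com", "roleid":2}'


def update_profile_vulnerable(user: dict[str, Any], body: str) -> dict[str, Any]:
    """Mirrors the lab's flaw: every key in the JSON body is written to the profile."""
    payload = json.loads(body)
    user.update(payload)  # a client-supplied "roleid" silently overwrites the stored role
    return user


def update_profile_hardened(user: dict[str, Any], body: str) -> tuple[dict[str, Any], list[str]]:
    """Apply only allow-listed fields; return the keys that were rejected for logging."""
    payload = json.loads(body)
    if not isinstance(payload, dict):
        raise ValueError("profile update body must be a JSON object")
    rejected: list[str] = []
    for key, value in payload.items():
        if key not in SELF_EDITABLE_FIELDS:
            rejected.append(key)  # e.g. "roleid": a privilege-escalation attempt worth alerting on
            continue
        if not isinstance(value, str):
            raise ValueError(f"{key} must be a string")
        user[key] = value
    return user, sorted(rejected)


def is_admin(user: dict[str, Any]) -> bool:
    return user.get("roleid") == ADMIN_ROLE_ID


if __name__ == "__main__":
    print("vulnerable -> admin:", is_admin(update_profile_vulnerable(dict(SAMPLE_USER), SAMPLE_REQUEST)))
    hardened, rejected = update_profile_hardened(dict(SAMPLE_USER), SAMPLE_REQUEST)
    print("hardened  -> admin:", is_admin(hardened), "rejected keys:", rejected)
```

In a real application the rejected-key list is the detection hook: a normal client never sends "roleid", so any occurrence should be logged with the user and request ID and reviewed.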
So, as you can see, we have successfully solved the PortSwigger Web Security lab “User role can be modified in user profile”. Congratulations! You can also follow me on Twitter @masaudsec.
You can learn everything related to web security on our website. We upload the latest articles on web security topics on a daily basis, so stay with us.
To continue studying, check out the next lab, User ID Controlled By Request Parameter, but finish the current lab before moving on. Good luck!
FAQs
Website security refers to protecting a website or web application from cyberattacks, unauthorized access, or other security threats.
Web application security means protecting a website from cyberattacks. These attacks may include vulnerabilities such as SQL injection, XSS, file inclusion, and others.
It is always good practice to use an up-to-date browser with timely updates. Keep your browser plugins up to date, avoid malicious websites and links, always enable two-factor authentication, and be aware of clickjacking.
Searching for someone’s social security number or credit card information on the dark web is illegal and unethical. It is important to always avoid such activities and protect yourself and others from cyber threats.