PortSwigger Lab: Authentication bypass via information disclosure
Summary
The Authentication bypass via information disclosure lab hosted on PortSwigger requires penetration testing enthusiasts to exploit a vulnerability to gain admin access and delete a test user.
This is done by manipulating an unspecified parameter: a custom HTTP header which, when sent with the right value, grants admin access to the system.
The header is discovered by sending a request with the TRACE method, whose response echoes the request back and reveals the custom header. A GET request is then made with that header set to the loopback address.
Because the application treats the loopback address as trusted, this grants the user admin privileges, which can then be used to navigate to the admin panel and delete the user.
The user is then redirected, and a message indicating that the lab has been solved should appear in the browser.
This lab teaches the user to analyse responses and recognise parameters that can be exploited to gain unauthorised access.
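The root cause the lab illustrates is an application that derives authorisation from a request header any client can set, and an enabled TRACE method that discloses which header it inspects. The following is an added example, not PortSwigger's lab code: a minimal request handler in its vulnerable form beside a hardened form, plus a detector run over a few constructed access-log lines. The header name `X-Trusted-Client-IP`, the `Request` type, the log format and the sample addresses are all assumptions made for this example; the page does not name the lab's actual header.

```python
"""Vulnerable vs hardened handling of a client-controllable "source IP" header.

Added example, not code from the PortSwigger lab. The header name is a
hypothetical placeholder; the log format and sample values are constructed.
"""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

LOOPBACK = {"127.0.0.1", "::1"}
TRUSTED_IP_HEADER = "X-Trusted-Client-IP"  # hypothetical name, not the lab's


@dataclass
class Request:
    method: str
    path: str
    headers: Dict[str, str] = field(default_factory=dict)  # fully client-controlled
    remote_addr: str = "203.0.113.5"  # peer address from the TCP socket (constructed)
    session_role: Optional[str] = None  # role bound to the server-side session


def handle_vulnerable(req: Request) -> Tuple[int, str]:
    """Grants admin access to any request that merely claims a loopback source."""
    if req.method == "TRACE":
        # TRACE echoes the request back verbatim, so a client sees every header
        # that reached the application, including ones it was never meant to know.
        echo = "\n".join(f"{k}: {v}" for k, v in req.headers.items())
        return 200, echo
    if req.path.startswith("/admin"):
        # Defect: the header overrides the real peer address.
        claimed_ip = req.headers.get(TRUSTED_IP_HEADER, req.remote_addr)
        if claimed_ip in LOOPBACK:
            return 200, "admin panel"
        return 401, "Admin interface only available to local users"
    return 200, "public page"


def handle_hardened(req: Request) -> Tuple[int, str]:
    """Never derives privilege from a request header; TRACE is refused outright."""
    if req.method == "TRACE":
        return 405, "Method Not Allowed"
    if req.path.startswith("/admin"):
        # Authorisation comes from the authenticated session only. The IP header
        # is ignored entirely, so spoofing it changes nothing.
        if req.session_role == "administrator":
            return 200, "admin panel"
        return 403, "Forbidden"
    return 200, "public page"


# Constructed log format: <peer> "<method> <path> HTTP/x.y" <status> <header-value|->
LOG_RE = re.compile(
    r'^(?P<remote>\S+) "(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+" '
    r"(?P<status>\d{3}) (?P<hdr>\S+)$"
)

SAMPLE_LOG = [  # constructed sample lines
    '203.0.113.5 "GET / HTTP/1.1" 200 -',
    '203.0.113.5 "TRACE / HTTP/1.1" 200 -',
    '203.0.113.5 "GET /admin HTTP/1.1" 200 127.0.0.1',
    '127.0.0.1 "GET /admin HTTP/1.1" 200 -',
]


def flag_suspicious(lines: List[str]) -> List[Tuple[str, str]]:
    """Detection: TRACE requests, and loopback claimed in the header by a remote peer."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        if m["method"] == "TRACE":
            findings.append((line, "TRACE request"))
        elif m["hdr"] in LOOPBACK and m["remote"] not in LOOPBACK:
            findings.append((line, "loopback claimed in header from remote peer"))
    return findings


if __name__ == "__main__":
    spoofed = Request("GET", "/admin", {TRUSTED_IP_HEADER: "127.0.0.1"})
    print("vulnerable:", handle_vulnerable(spoofed))
    print("hardened:  ", handle_hardened(spoofed))
    for line, reason in flag_suspicious(SAMPLE_LOG):
        print("ALERT", reason, "|", line)
```

The hardened handler makes two independent changes: it stops the information disclosure by refusing TRACE, and it removes the bypass by never consulting a client-supplied header for authorisation. The detector covers the case where the application cannot be changed immediately: a TRACE request, or a loopback value in the trusted header arriving from a non-loopback peer, is worth alerting on.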