Ethical Hacker's Penetration Testing Guide: Vulnerability Assessment and Attack Simulation on Web, Mobile, Network Services and Wireless Networks by Samir Kumar Rakshit


Author: Samir Kumar Rakshit
Language: eng
Format: epub
ISBN: 9789355512154
Publisher: BPB Publications
Published: 2022-06-15T00:00:00+00:00


Create an ACCESS-KEY for Admin account A and for non-Admin account B. Then use the ACCESS-KEY of non-Admin account B to access or modify resources (inventories, etc.) of Admin account A to confirm a Privilege Escalation issue in the API.

Log in to account A in browser 1 and to account B in browser 2. Note a resource URL for each account, say URL-1 of account A is https://rakshit.org/inventories/32006810 and URL-2 of account B is https://rakshit.org/inventories/32006811.

Now browse URL-2 in browser 1 and URL-1 in browser 2. If each account can access the other's resource, the IDOR issue is confirmed.
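The two-account swap above can be turned into a regression test for the object-level authorization check that fixes the issue. The following is an added example, not code from the book: the handler names, the in-memory store and the owner mapping are assumptions, and only the two inventory IDs come from the URLs above.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Principal:
    account: str  # account the session or ACCESS-KEY belongs to

# Constructed sample data: IDs from URL-1 and URL-2, contents invented.
INVENTORIES = {
    32006810: {"owner": "A", "items": ["router", "switch"]},
    32006811: {"owner": "B", "items": ["laptop"]},
}

def get_inventory_vulnerable(principal, inventory_id):
    """Authenticates the caller but never checks who owns the object (IDOR)."""
    record = INVENTORIES.get(inventory_id)
    return (200, record["items"]) if record else (404, None)

def get_inventory_hardened(principal, inventory_id):
    """Owner-only access; foreign and missing IDs both return 404,
    so the response does not reveal which IDs exist."""
    record = INVENTORIES.get(inventory_id)
    if record is None or record["owner"] != principal.account:
        return (404, None)
    return (200, record["items"])

def cross_account_findings(handler):
    """Request every inventory as every account and return the
    (caller, inventory_id) pairs where a non-owner got a 200."""
    findings = []
    for caller in (Principal("A"), Principal("B")):
        for inventory_id, record in INVENTORIES.items():
            status, _ = handler(caller, inventory_id)
            if status == 200 and record["owner"] != caller.account:
                findings.append((caller.account, inventory_id))
    return findings

if __name__ == "__main__":
    for handler in (get_inventory_vulnerable, get_inventory_hardened):
        print(handler.__name__, cross_account_findings(handler))
```

An empty findings list for the hardened handler is the pass condition; the same matrix should also be run against modifying operations, since the first test above covers modification as well as access.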


