Skip to main content

User role controlled by request parameter

1

We can login using the following credentials:

UsernamePassword
wienerpeter

2

Since we are proxying the traffic through Burp Suite, we can see this request in the Proxy > HTTP History tab.

3

As we can see, the response sets an Admin cookie to false. In the next request, we can see that the cookie is used in the header.

4

Let's go into the browser Developer Tools > Storage and set the Admin cookie to true.

8

We can now refresh the page.

6

We now have access to the admin panel.

7

Let's delete the carlos user.

9

We have solved the lab.

10