
Inconsistent security controls

1. We can go to the Target > Site Map tab in Burp Suite in order to see the domain.

2. Let's left-click on the domain present and then Engagement tools > Discover content.

3. That would tell us that there is a directory called /admin. Alternatively, we can also use directory fuzzing tools.

   Let's visit the /admin page through the browser.

4. As we can see, the admin page is only accessible to "DontWannaCry" users.

   Let's register our user using our assigned email address.

5. Next, we can go to the email client and click our registration email.

6. Then, we can log in to our created account through the My account tab.

7. Once inside, we get the option to change our email.

   Let's set it to the following:

   attacker@dontwannacry.com

8. Once we update our email, the admin panel becomes accessible to us. Registration required us to open the email sent to the original address, but the change-email function accepts the new address without any such verification, so the domain-based check on /admin now trusts an address we never proved we own.

9. Let's go inside the admin panel.

10. We have to delete the carlos user.

11. We have solved the lab.
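The inconsistency above, as an added example (not code from the lab or this write-up): the same domain-based admin check paired with an unverified change-email handler, and beside it the hardened version that stages the new address until a token sent to it is confirmed. Function names and the sample address user@example.net are assumptions for illustration.

```python
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional

ADMIN_DOMAIN = "dontwannacry.com"  # domain the lab's /admin check trusts


@dataclass
class User:
    email: str                            # address verified at registration
    pending_email: Optional[str] = None   # staged, not yet verified
    pending_token: Optional[str] = None   # one-time token mailed to pending_email


def domain_of(address: str) -> str:
    return address.rsplit("@", 1)[-1].lower()


def is_admin(user: User) -> bool:
    # Authorization decision based purely on the email domain.
    return domain_of(user.email) == ADMIN_DOMAIN


# Vulnerable: overwrites the trusted address with unverified input,
# so is_admin() now trusts whatever the user typed.
def change_email_insecure(user: User, new_email: str) -> None:
    user.email = new_email


# Hardened: stage the address and require the same proof of ownership
# that registration enforced before it affects authorization.
def change_email_secure(user: User, new_email: str) -> str:
    user.pending_email = new_email
    user.pending_token = secrets.token_urlsafe(16)
    return user.pending_token  # in a real app: mailed to new_email only


def confirm_email(user: User, token: str) -> bool:
    if user.pending_token is None or not hmac.compare_digest(user.pending_token, token):
        return False
    user.email, user.pending_email, user.pending_token = user.pending_email, None, None
    return True


def demo() -> tuple:
    # Constructed sample: a low-privilege account in each flow.
    a = User(email="user@example.net")
    change_email_insecure(a, "attacker@dontwannacry.com")
    b = User(email="user@example.net")
    token = change_email_secure(b, "attacker@dontwannacry.com")
    before = is_admin(b)           # still False: old address remains trusted
    confirm_email(b, token)        # only possible with access to that mailbox
    return is_admin(a), before, is_admin(b)
```

`demo()` returns `(True, False, True)`: the insecure flow grants admin immediately, the secure flow only after the new address is proven.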