7.4 Lab: User role can be modified in user profile | 2023

This lab has an admin panel at /admin. It's only accessible to logged-in users with a roleid of 2. Solve the lab by accessing the admin panel and using it to delete the user carlos | Karthikeyan Nagaraj

Karthikeyan Nagaraj
2 min read · Sep 19, 2023

Description

This lab has an admin panel at /admin. It's only accessible to logged-in users with a roleid of 2.

Solve the lab by accessing the admin panel and using it to delete the user carlos.

You can log in to your own account using the following credentials: wiener:peter

Solution

  1. Log in with the credentials wiener:peter
  2. Try to change the email address and capture the request in the proxy
  3. Send the request to Repeater
  4. Send the request and notice that the response contains four fields, one of which is roleid with a value of 1
  5. Now add a roleid field to the JSON body of the request with a value of 2
  6. Notice that the value of roleid has changed to 2 in the response
  7. Now switch off the proxy, navigate to the /admin page and delete the user carlos to solve the lab
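The root cause of this lab is mass assignment: the profile-update endpoint copies every field from the JSON body onto the stored user, so a client-supplied roleid overwrites the real one. The following is an added example (not code from the lab or from this post) showing a minimal vulnerable handler beside a hardened one that only accepts an allow-list of editable fields and rejects anything else; the user record, field names and request body are constructed for illustration.

```python
import json

ADMIN_ROLEID = 2  # per the lab: /admin is open only to users with roleid == 2

# Constructed sample data: a stored record for wiener (roleid 1) and a tampered
# profile-update body that smuggles in roleid alongside the legitimate email change.
STORED_USER = {"username": "wiener", "email": "wiener@example.com",
               "apikey": "constructed-api-key", "roleid": 1}
TAMPERED_BODY = '{"email": "wiener@example.com", "roleid": 2}'
BENIGN_BODY = '{"email": "new@example.com"}'


def update_profile_vulnerable(user: dict, body: str) -> dict:
    """Mass assignment: every key in the JSON body lands on the user record."""
    data = json.loads(body)
    updated = dict(user)
    updated.update(data)  # a client-supplied roleid silently replaces the stored one
    return updated


EDITABLE_FIELDS = {"email"}  # the only field a user may change about themselves


def update_profile_hardened(user: dict, body: str) -> dict:
    """Allow-list handler: copies only EDITABLE_FIELDS, rejects anything unexpected.

    Raising on unknown fields (rather than silently dropping them) makes the
    tampering attempt visible in error logs, which is where detection starts.
    """
    data = json.loads(body)
    unexpected = set(data) - EDITABLE_FIELDS
    if unexpected:
        raise ValueError(f"unexpected profile fields: {sorted(unexpected)}")
    updated = dict(user)
    for field in EDITABLE_FIELDS:
        if field in data:
            updated[field] = data[field]
    return updated


def can_access_admin(user: dict) -> bool:
    """Server-side check the /admin panel relies on; it is only as trustworthy as roleid."""
    return user.get("roleid") == ADMIN_ROLEID
```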

If you would like to support me so that I could create more free content — https://www.buymeacoffee.com/cyberw1ng

Thank you for Reading!

Happy Hacking ~

Author: Karthikeyan Nagaraj ~ Cyberw1ng

Telegram Channel for Ethical Hacking Dumps — https://t.me/ethicalhackingessentials

Karthikeyan Nagaraj

Security Researcher | Bug Hunter | Web Pentester | CTF Player | TryHackme Top 1% | AI Researcher | Blockchain Developer