-
Notifications
You must be signed in to change notification settings - Fork 0
Insecure deserialization
Alnoman Kamil edited this page Nov 21, 2024
·
4 revisions
Apprentice lab:
Modifying serialized objects
Apprentice lab:
Modifying serialized objects
-
Solution
- Log in as
wiener:peter. - Check the cookie set from the website.
- URL decode it and then
base64 -ddecode it. - Change the admin value from 0 to 1 (true).
- URL encode it and then
base64encode it. - Use the modified cookie, Rfresh and access Admin panel to delete carlito.
- Log in as
Practitioner lab:
Modifying serialized data types
Practitioner lab:
Modifying serialized data types
-
Solution
- Log in as
wiener:peter. - URL decode and
base64 -decode it. - Change the string value
wienertoadministratorand update theslength accordingly. (word | wc -m). - Remember
sstands for string, so change it tointeger and set it to 0. - URL encode and base64 encode it (
echo -n 'string' | base64 | jq -rR @uri). - Set it as a cookie.
- Log in as
Solutions for the Portswigger's Web Security Academy using mitmproxy and other cli tools instead of Burp Suite
Server-side topics:
- SQL injection
- Authentication
- File path traversal
- OS command injection
- Business logic vulnerabilities
- Information disclosure
- Access control vulnerabilities
- File upload vulnerabilities
- Race conditions
- Server-side request forgery (SSRF)
- XML external entity (XXE) injection
- NoSQL injection
- API testing
- Web cache deception
Client-side topics:
- Cross-site scripting (XSS)
- Cross-site request forgery (CSRF)
- Cross-origin resource sharing (CORS)
- Clickjacking
- DOM-based vulnerabilities
- WebSockets
Advanced topics: