2.3 Broken Authentication Lab Instructions Part 2

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »

12 hours 9 minutes
Video Transcription
Hi, everyone. Welcome back to the course. So in the last video, we went ahead and created our student user account. We also loved it is a student user. And we took a look at the top right of the screen to make sure that the student was the user that we were long Dennis.
In this video, we're gonna go ahead and finish out the rest of our lab on broken authentication, So we'll go ahead and edit the cookie on. And it's not a chocolate chip cookie. So if you're getting hungry right now, it's not one of those. But we're gonna go ahead and edit our cookie, and we're gonna see if, by doing that, we can actually escalate our privileges and potentially log be lugging is a different
So we'll take a look at that a little later and see if we can get loved it as a different user. But let's go ahead and get our cookie set up now.
So what we're gonna do is we're gonna click this
lucky icon here at the top. Excuse me, Is that the kind of the top of the page here? But it's not the right of the Earl section. So it looks like a little cookie. We're gonna select this little drop down menu here, and then we're gonna click on this search Mattila Day option.
So go ahead and click all that.
You'll see it pulls up some different cookies in the back ground forces options.
So we see here a step 15 that the papa box it did open for us.
Now, what we're gonna do is we're gonna make sure that the the check box next to the U I. D option is checked. So that's what we want to take a look at in most cases, and as you'll see here in a second and should default with that check market it. But if it doesn't for some reason, you would just want to check the box so you'll see on my end, it did default.
But, for example, we pulled up and it looked like that
we would just want to make sure we click on in the box there and check it.
All right, let's go back to our lab document.
So once we've checked it, we're in. Click on the edit button down at the bottom of this papa box, and we're gonna change the value in the content bus. We're gonna change it to be a one instead of the 24. Now that the rationale behind this is, in many cases, a administrator, top of account is gonna be something like a zero or one.
And then, like you're generalized seizures
would start going up, you know, in number from there s O, for example, like 24 would be a later user, Kim. And that may or may not have administrative privileges, but they're not a specifically designated as the administrator account. So we're changing it to a one in the hopes that we will be able to
take over the admin account. And Logan is the administrator.
So let's go ahead and do that now.
So, Beckett or Papa box here, we're gonna click the edit button at the bottom
under the content box. You'll see it has a number 24. What is going to change that to a one,
and then we're gonna select the save button here.
All right, So once we've done that, our last option here, Susan, our last step is gonna be just click of the close button on our pop up box, and then we're gonna click back on home here at the top left. And what we want to do is we want to look
at the top right of our screen after we do all that kind of like we did before when we went ahead and created a student account of loved. And it's a student. We've verified that the student was logged in. We're gonna look again in that same area. So first things first, Let's go ahead and click close here to closer Papa box.
Next, we're gonna click home at the top of left here. Doesn't take us back to the home page.
And then what I want you to do is I want you to take a look at the top of right of the screen and
who's logged in. Now where we lock down is now Are we still a student or we have been talking to somebody else?
All right, So if you notice at least on my end on London, as as the administrator now, if you're successful in performing the alteration of that cookie, then you should also see that you're loved NSC administrator.
All right, So question three here is just basically telling you to click on different pages throughout the site on we want to see dusty user account changed back. It also doesn't change back to student as we click through different items on this site.
All right, so do we see it up? Looks like we still got admin, and we get the little pop up there. That's kind of kind of annoying hum that gets in our way there. But we see admin there. Okay, well, let's try to click someplace else. Let's see what happens. I'll just click a random thing here, Um, he and we'll go back to 2017 so it just makes a little more sense.
So let's see. Here you are. We still loving this admin up? We are. So you get the idea, right? No matter where we go now on the site, we should be still loving is an admin. So we could potentially compromise things and do different things.
All right, so this is kind of a quick lab on broken authentication, recovered some generalized information as far as like, creating a user account. Look verifying we logged in disease or account and then altering a cookie to take control of the administrator account on the system on. And that way we can act a CME in and do
potentially in a fairy stinks. Of course, we're all good people who are not doing that.
But if we were a bad person, we could Do you know, various things to this particular weather application
are so in the next module were to go ahead and cover sensitive data exposures. We again, we just finished up our discussion on broken authentication and our lab on broken authentication. And now we're gonna jump into sensitive data exposure. What is it? Why do we care on what the impact might be to the organization?
Up Next