5.2 Broken Access Control Lab Instructions Part 1

Video Transcription
Hey, everyone, welcome back to the course. So in the last video we talked about Broken Access Control and wrapped up our discussion on it. And now in this lab, we're gonna take an example and see what kind of results we get back.
So you do need a cyber lab environment for this lab. As I've mentioned before, I've already got the lab launched here. Now you're gonna notice one minor difference on this particular lab. You may or may not see the pop-up boxes that we've been seeing in our labs. So if you do see those, just click the Next button and the OK button to close the pop-up.
The other thing that I want to note is you may see the lab in this format here, and basically what you'll have to do to get credit for the lab is you'll have to click through each step and just check the box and basically, you know, log what you've done, and I'll show you what that looks like as we go through the lab.
So first things first, we'll be here in our Kali login screen. So this has not changed. We'll do the same username of student and the same password of student. So go ahead, type that in: student and then student again.
That'll get us logged into our Kali machine.
Now, just as before, once we log into the Kali machine, we want to go ahead and disable our screen lock feature. That way we can go through and actually perform the lab without any hiccups of the screen locking out on us,
and you'll see here, it might take a moment or so to pull up Kali, and you'll see it finally pulls up in the background there.
So again, I've got a mention here right below step five about the check boxes for this particular lab, and as I mentioned, I'll show you as we go through the lab how to do and how to navigate those.
All right, so first things first, let's go ahead and disable our screen lock, and then we can move on with our lab. So to do that, again, we're just clicking the top right corner here,
and that gives us a little menu. We choose the very bottom left icon, so the Settings icon,
and it might take, you know, up to five seconds or so to go ahead and launch for us. It'll open it in a new window.
Once it does, we're gonna select Privacy at the bottom left,
and then we're gonna click on Screen Lock at the top,
and then finally we get a pop-up box. We're gonna actually go ahead and turn off the screen lock. So the way we do that is just moving that circle to the far left there,
and then we can go ahead and exit out.
All right. So now we'll go back to our lab document.
So our first step here is we're gonna go ahead and launch Firefox. So we've been doing that many times, but if this is your first lab you're looking at, it's gonna be at the top of this row of icons here on this menu. We're gonna click the top one here, so this orange-colored icon, orange and white colored icon, it's gonna be Firefox. We'll just go ahead and click on that, and it'll go ahead and launch the browser for us.
It might take a few seconds or so to launch. Once it does, it's gonna log us in. It's gonna actually take us to the Mutillidae page. Again, Mutillidae is a vulnerable web application server provided by OWASP. So you're welcome to download it on your own machine. And again, all the labs we're using in this course have it preinstalled on them, so you don't have to do any configuration or anything like that.
Once the page loads, we're gonna go ahead and click the Login/Register button at the top there.
So let's go ahead and do that now,
and let's go back to our lab document.
So you're gonna notice in the URL, if we take a look at this here, it ends in login.php.
So the other thing we want to look at: we're gonna click around to some different pages here, but I want you to look at the index.php and see if that changes. So this one right here, see if the index.php changes as we click around different pages on the site.
All right. So go ahead, click around on your own. I'm just gonna randomly click some areas here.
All right? So at least on my end, I have not noticed that this changes, right? So it stays the same. It's the constant index.php. However, everything after that has been changing as I click through different pages, and you'll notice that here.
All right, so once you're done, just click back on the Login/Register page and we'll go back to our lab document.
All right, so what we're gonna do here in step nine is we're gonna modify the URL. So instead of having the login.php, we're gonna change that to our password file we've been using, right? So the /etc/passwd. So we're gonna go ahead and replace it with that path, and we'll see what kind of results we get back.
So just highlight or just delete out the login.php,
and we'll do the forward slash and then p-a-s-s-w-d, just like that.
And then just go ahead and press Enter on your keyboard.
All right, so question number one: do we actually see the data from this particular file? So, do we see any data output? Once we type that in and press Enter, do we see any data output?
Well, the answer is yes, right? We've seen this before in other labs. We've seen the results of that particular file. So here's the information contained in it. So we do see that as our results.
Let's move on with our lab document.
So the next thing we're gonna do, we're gonna go on the left side to OWASP 2017. We're gonna navigate to the A5, so the Broken Access Control. We'll go to Insecure Direct Object References, and then we're gonna click on the Source Viewer.
So let's go and do that now. We're gonna do the OWASP 2017,
A5 Broken Access Control,
and actually let me click back on my screen here so you can see what I'm doing.
A5 Broken Access Control, Insecure Direct Object References, and then you want to choose now the second one from the bottom, this Source Viewer option.
Go and click on that. That's gonna take you to the page where we can view source code. You'll see "Source".
So now what we want to do is, on the drop-down menu that we've got right here in the background, we want to choose the text-file-viewer.php file.
So let's go and do that now. Just click in the box there. It should be this fifth one down here.
Just click on that and then click on View File.
While it's doing that and pulling it up, we're gonna go back to our lab document here.
All right, so I do want to note here that the issue here, the main issue, is that this file can contain sensitive information. So you'll see here that we may have some usernames and passwords in here as well, some other information.
So just FYI, that's kind of why we're taking a look at that particular file.
So now we're gonna go ahead and use a tool called Burp Suite. So if you're not familiar with it, it's another one of those penetration testing tools that comes preinstalled in Kali Linux. For our purposes, you know, there's a free and a paid version. We're gonna use the free version in this particular video, and, you know, when we use it throughout the course, we'll just use the free version of things.
So it's commonly called the Community Edition.
So we'll go ahead and launch Burp Suite. Once we launch it, we'll go through and get it fully launched, and then I'll go and pause the video. We'll pick things back up in the next video. So let's go and do that now. So first things first, we're gonna minimize Firefox and just click the little minimize button,
and then back on our little menu here on the left side, this middle option here that looks like an orange face and like a gray wall or something in the background, that's gonna be Burp Suite. So just go ahead and click on that.
It may take a moment or so to launch up for us.
Once it gets launching, we'll start clicking through, and we'll get it to the actual application. And then, from there, as I mentioned, we'll pause the video and move on to the next video. So here it gives you a license agreement first. I always uncheck this "Help improve Burp" because I don't want to give feedback, even if it's anonymous, as they claim. I don't want to give any feedback to them,
and then I just say I accept here. So just go ahead and accept the license agreement,
and we'll move on to the next screen here.
Now on this screen, we're just going to click on the Next button, and then we'll click on this button that says "Start Burp". So again, we don't care about the defaults; we leave the defaults alone. We just want to move into actually using the application.
So go ahead, pause the video there, and in the next video we'll pick things back up. It should be launched by then, and we'll go from there. It just takes a little bit of time to launch the application.
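The lab above shows two things: a page parameter that is used as a file path as-is (so swapping `login.php` for `/etc/passwd` returns that file), and a file viewer that can expose sensitive content. The following Python block is an added example written for this page, not code from the course or from Mutillidae, that reproduces the vulnerable pattern inside a constructed sandbox directory, shows the hardened allowlist-plus-canonical-path version, and runs a small detector over constructed access-log lines. The simplified log format (`client method path status`) and the sample file contents are assumptions made for the example; no real system file is read.

```python
"""Vulnerable vs hardened 'page viewer', plus log-side detection.

Constructed demo: a temporary sandbox stands in for the web root and for a
file that lives outside it. Nothing here touches the real /etc/passwd.
"""
import tempfile
from pathlib import Path
from urllib.parse import parse_qs, unquote, urlsplit

# --- constructed sandbox -----------------------------------------------------
SANDBOX = Path(tempfile.mkdtemp(prefix="bac_lab_demo_"))
WEB_ROOT = SANDBOX / "html"
WEB_ROOT.mkdir()
(WEB_ROOT / "login.php").write_text("<?php /* login page - constructed sample */ ?>\n")
(WEB_ROOT / "notes.txt").write_text("public notes - constructed sample\n")
FAKE_ETC = SANDBOX / "etc"
FAKE_ETC.mkdir()
FAKE_PASSWD = FAKE_ETC / "passwd"
# Constructed stand-in for a sensitive file outside the web root.
FAKE_PASSWD.write_text("root:x:0:0:root:/root:/bin/bash\n")

# Pages the viewer is actually meant to serve (assumed list for the demo).
ALLOWED_PAGES = {"login.php", "notes.txt"}


def view_file_vulnerable(page: str) -> str:
    """The pattern the lab demonstrates: the request parameter becomes the path.

    Path joining discards the base when the parameter is absolute, and '..'
    segments are honoured by the OS, so both '/abs/path' and '../x' escape.
    """
    return (WEB_ROOT / page).read_text()


def view_file_hardened(page: str) -> str:
    """Allowlist the page name, then confirm the canonical path is under WEB_ROOT."""
    if page not in ALLOWED_PAGES:
        raise PermissionError(f"page not in allowlist: {page!r}")
    root = WEB_ROOT.resolve()
    target = (root / page).resolve()
    # Defence in depth: even an allowlisted name must resolve inside the web
    # root (guards against a symlink or a careless future edit to the list).
    if root not in target.parents:
        raise PermissionError(f"path escapes web root: {target}")
    return target.read_text()


def suspicious_page_requests(log_lines):
    """Return (client, decoded page value) for requests whose page= value is
    absolute or contains a parent-directory segment, after decoding once more
    to catch double-encoded forms such as %252e%252e."""
    hits = []
    for line in log_lines:
        parts = line.split()
        if len(parts) < 4:
            continue  # not in the assumed 'client method path status' form
        client, request_path = parts[0], parts[2]
        query = parse_qs(urlsplit(request_path).query)
        for raw in query.get("page", []):
            decoded = unquote(raw).replace("\\", "/")
            if decoded.startswith("/") or ".." in decoded:
                hits.append((client, decoded))
    return hits


# Constructed access-log lines in the assumed simplified format.
SAMPLE_LOG = [
    "10.0.0.5 GET /mutillidae/index.php?page=login.php 200",
    "10.0.0.5 GET /mutillidae/index.php?page=/etc/passwd 200",
    "10.0.0.9 GET /mutillidae/index.php?page=..%2F..%2Fetc%2Fpasswd 200",
    "10.0.0.7 GET /mutillidae/index.php?page=notes.txt 200",
]


if __name__ == "__main__":
    print("vulnerable, traversal :", view_file_vulnerable("../etc/passwd").strip())
    print("vulnerable, absolute  :", view_file_vulnerable(str(FAKE_PASSWD)).strip())
    print("hardened, allowed     :", view_file_hardened("notes.txt").strip())
    try:
        view_file_hardened("../etc/passwd")
    except PermissionError as exc:
        print("hardened, traversal   : rejected ->", exc)
    print("flagged log entries   :", suspicious_page_requests(SAMPLE_LOG))
```

The allowlist is the real fix; the resolved-path check is there so the viewer still fails closed if the list or the filesystem changes later. The detector is intentionally simple: in a production pipeline you would normalise the query the same way the application does before matching, so that encoding tricks are judged against what the server actually opened.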