Part 7 Lab Solutions

Video Activity

This lesson offers a solution to the WebGoat lab "Insecure Configuration: Forced Browsing". The goal was to guess the URL of the config interface; the video shows participants how to make the config page appear via directory traversal, using a variety of commands to discover how to find the administrative interface without force.
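The bug the lab demonstrates is a hidden maintenance page that is never authorized, so anyone who guesses its path gets it. The following is an added example, not WebGoat's code: a minimal dispatcher in its vulnerable form beside a hardened form that checks the caller's role, plus the regression check a defender would keep in a test suite. The users, roles and the `/conf` path are constructed to mirror the lab.

```python
# Added example (not WebGoat's code). Models the lab's bug: the
# maintenance-only config page lives at a "hidden" path and the
# handler relies on that path staying secret instead of authorizing
# the caller. The hardened dispatcher checks the role on every
# request to that path, so a guessed URL gets 403, not the page.
from dataclasses import dataclass
from typing import Callable, List, Tuple

CONFIG_PATH = "/conf"  # constructed; the lab's page was found at "conf"

# Constructed sample users; WebGoat's real accounts are not modelled.
@dataclass
class User:
    name: str
    role: str  # "user" or "maintenance"

Dispatch = Callable[[str, User], Tuple[int, str]]

def vulnerable_dispatch(path: str, user: User) -> Tuple[int, str]:
    """Security by obscurity: serves the config page to anyone."""
    if path == CONFIG_PATH:
        return 200, "config interface"
    if path == "/home":
        return 200, "home"
    return 404, "not found"

def hardened_dispatch(path: str, user: User) -> Tuple[int, str]:
    """Authorizes by role before serving the config path."""
    if path == CONFIG_PATH:
        if user.role != "maintenance":
            return 403, "forbidden"
        return 200, "config interface"
    if path == "/home":
        return 200, "home"
    return 404, "not found"

def unauthorized_reachable(dispatch: Dispatch, user: User,
                           paths: List[str]) -> List[str]:
    """Regression check: which of these paths does a user who is NOT
    maintenance still get a 200 for? Should be empty after the fix."""
    assert user.role != "maintenance", "check runs as an ordinary user"
    return [p for p in paths if dispatch(p, user)[0] == 200]
```

Run the check as an ordinary user against the candidate paths the lab tried (`/config`, then `/conf`): the vulnerable dispatcher leaks `/conf`, the hardened one leaks nothing.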


Time
9 hours 31 minutes
Difficulty
Intermediate

Video Transcription
00:04
Hello and welcome to the Cybrary Secure Coding course. My name is Sonny Wear, and this is OWASP Top 10 for 2013.
00:13
A5: Security Misconfiguration.
00:16
This is the lab from WebGoat, Insecure Configuration.
00:23
This is the video solution for WebGoat Insecure Configuration, forced browsing.
00:29
The instructions state your goal should be to guess the URL for the config interface. Now, the config URL is only available to the maintenance personnel. However,
00:40
the application doesn't check for any horizontal privileges.
00:46
So
00:47
basically, what we can do is try to force
00:50
the config page to appear.
00:53
Uh, by.
00:55
By attacking this URL and doing a directory traversal.
01:00
So we know that anything after the attack script here is going to be a screen-related function.
01:08
So I'm just gonna go ahead and remove that part,
01:11
and I'm gonna try to guess what the config interface might be. I'm going to start with
01:19
the name of the directory config and see if that works.
01:23
Okay, That didn't work.
01:25
How about if we just try
01:27
conf
01:32
and that certainly works. So we have our success message. We were able to successfully find
01:40
the administrative
01:42
interface without any kind of authorization check being done.
01:48
We just did a forced URL.