📚📚 Don't want to wait for the weekly release schedule to gain access to all the videos, and want to be added to a Discord server where you can ask questions? Make sure to sign up for my course: bit.ly/30LWAtE
@bradnaylor35 1 year ago
Awesome video! Creating the Python script to perform the exploit was a really interesting and educational process to walk through, thanks.
@HarshitShukla-b9y 6 months ago
At first, when I was trying to solve the lab by myself, I don't know what change I had made, but the user "wiener", which is a normal privileged account, got the admin panel, due to which there was a fuss in solving the lab, but now it's done after understanding it the way you are trying to explain it to us.
@abdallahalnajjar6766 1 year ago
Thx a lot Rana, your content is just amazing, but I have one question about CSRF: when I host the malicious site and the victim visits it, his cookies are never sent along with the CSRF request. Why is that, knowing that he is logged in to the vuln site and the SameSite attribute is set to None? I solved the CSRF labs just the way you did, but when it comes to hosting the malicious site on localhost, the victim's cookies are never sent along with the request.
@acronproject 1 year ago
Thanks, Ms. Khalil
@nishantdalvi9470 1 year ago
Why can't we do the same job with any random cookie? Because in the end, while making the GET request to /admin-roles with the query parameter included (/admin-roles?username=wiener&action=upgrade), the server doesn't perform any authentication check in the case of a GET request, right?
@mohamededdarkaoui9146 1 year ago
It's very good formation 😎
@anshifmonz_ 1 year ago
How is this a broken access control vulnerability? I am asking because we changed the cookie to our cookie, the method to GET and the username to wiener, OK, but that request is created by the administrator, so why is this called being promoted by ourselves? I don't know whether this is a dumb question or not. Asking as a beginner. Thanks