CORS - Lab #1 CORS vulnerability with basic origin reflection | Long Video

17,650 views

Rana Khalil

A day ago

In this video, we cover Lab #1 in the CORS module of the Web Security Academy. The website has an insecure CORS configuration in that it trusts all origins. To solve the lab, we craft malicious JavaScript that uses CORS to retrieve the administrator's API key.
▬ ✨ Support Me ✨ ▬▬▬▬▬▬▬▬▬▬
Buy my course: bit.ly/30LWAtE
▬ 📖 Contents of this video 📖 ▬▬▬▬▬▬▬▬▬▬
00:00 - Introduction
00:12 - Web Security Academy Course (bit.ly/30LWAtE)
01:23 - Navigation to the exercise
01:56 - Understand the exercise and make notes about what is required to solve it
03:00 - Exploit the lab
15:53 - Summary
16:23 - Thank You
▬ 🔗 Links 🔗 ▬▬▬▬▬▬▬▬▬▬
HTML script: github.com/rkh...
Notes.txt document: github.com/rkh...
Web Security Academy Exercise Link: portswigger.ne...
Rana's Twitter account: / rana__khalil
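The misconfiguration the lab describes (the server trusts every origin by echoing the request's Origin header back) is easiest to see next to a fixed version. The Node.js snippet below is an added example, not code from the video, the linked HTML script, or the Web Security Academy; the allowlist contents, the function names and the probe origin are assumptions chosen for illustration. It shows the reflecting policy beside an allowlist policy, and a small check a reviewer can run over captured response headers to tell the two apart.

```javascript
// Added example (not from the video or the Web Security Academy lab code).
// Two CORS header policies side by side: the reflective one the lab describes
// ("trusts all origins") and an allowlist-based one, plus a detection helper
// that classifies a captured request/response pair.

// Assumed allowlist of first-party origins; exact scheme + host + port match.
const TRUSTED_ORIGINS = new Set([
  'https://app.example.com',
  'https://admin.example.com',
]);

// Vulnerable policy: echoes whatever Origin the browser sent and also allows
// credentials, so any page a logged-in user visits can read authenticated
// responses (for example an endpoint that returns the user's API key).
function reflectingCorsHeaders(requestOrigin) {
  if (!requestOrigin) return {};
  return {
    'Access-Control-Allow-Origin': requestOrigin,
    'Access-Control-Allow-Credentials': 'true',
  };
}

// Hardened policy: exact-match allowlist, "Vary: Origin" so shared caches do
// not serve one origin's ACAO value to another, and no ACAO/ACAC headers at
// all for origins that are not on the list (including the literal "null").
function allowlistCorsHeaders(requestOrigin, allowlist = TRUSTED_ORIGINS) {
  if (!requestOrigin || !allowlist.has(requestOrigin)) {
    return { Vary: 'Origin' };
  }
  return {
    'Access-Control-Allow-Origin': requestOrigin,
    'Access-Control-Allow-Credentials': 'true',
    Vary: 'Origin',
  };
}

// Detection: given the Origin that was sent and the headers that came back,
// report whether the server reflected that origin with credentials enabled,
// which is the combination that makes cross-origin reads of private data possible.
function isReflectedWithCredentials(requestOrigin, responseHeaders) {
  const acao = responseHeaders['Access-Control-Allow-Origin'];
  const acac = responseHeaders['Access-Control-Allow-Credentials'];
  return acao === requestOrigin && String(acac).toLowerCase() === 'true';
}

// Run both policies against a constructed, untrusted origin and summarise.
function comparePolicies(probeOrigin = 'https://untrusted.example') {
  return {
    reflecting: isReflectedWithCredentials(probeOrigin, reflectingCorsHeaders(probeOrigin)),
    allowlist: isReflectedWithCredentials(probeOrigin, allowlistCorsHeaders(probeOrigin)),
  };
}

// Stand-alone run: prints { reflecting: true, allowlist: false }
console.log(comparePolicies());
```

A useful property of `allowlistCorsHeaders` is that it returns no `Access-Control-Allow-Origin` at all for an unknown origin, rather than a wildcard: `*` combined with `Access-Control-Allow-Credentials: true` is rejected by browsers anyway, and omitting the header keeps the response unreadable cross-origin.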

Comments: 23
@RanaKhalil101 2 years ago
Don't want to wait for the weekly release schedule to gain access to all the videos and want to be added to a Discord server where you can ask questions? Make sure to sign up to my course: bit.ly/30LWAtE ✨✨
@dragoschiperi8090 2 years ago
Great work! Thanks for explaining how to solve the lab without the "Go to exploit server" functionality.
@sarasevdari7159 2 years ago
Girl, your explanation is fantastic. Much love, keep going
@wizix9877 2 years ago
I love your videos. Keep up the good work. Thank you.
@medogamer8524 A year ago
The GOAT of explaining
@Guilhermecpv762 2 years ago
Thanks from Brazil, you are amazing!!
@suryatejakalidindi485 19 days ago
Thank you madam, please make a video on information disclosure
@TheBroadwood 2 years ago
Since in the fetch method there is not the full URI given, how does the fetch method know that it has to GET-request the exploit server? 🤯
@acronproject A year ago
Thanks
@xoro163 A year ago
What if the request is using only the POST method? How to create the payload??
@tiago7w_583 2 years ago
top
@user-cq3fu1df7o 5 months ago
you are amazing ^_
@pranjalruhela1103 A year ago
There was never... even once anything mentioned related to the admin account in our script... still, how come the logs display the admin info??
@yashchaudhary6146 8 months ago
Since it's just a lab, Burp Suite labs have made it in such a way that it simulates real hacking behaviour.
@burptester8761 A year ago
It's very difficult to send an email to an admin when you don't have his email. I tried to do pentesting on a website; I found the admin username but not his email. Is there any other solution @Rana?
@wadadparker957 3 months ago
Buddy, this is just for information, don't actually send phishing links to admins 💀
@Fahodinho 2 years ago
What's the significance of API keys? Why is it secret information? What can you do with it? And wouldn't the session key be more critical, because you can steal it and impersonate a user?
@domssilva1752 2 years ago
API keys are usually used by developers to access paid services. Leaking the API key could lead not only to private user info leaks but also business financial loss.
@itsm3dud39 2 years ago
@domssilva1752 where can I learn API vulnerabilities and attacks?
@UBNA671 A year ago
@Rana Khalil is it necessary that I must write a script to go through? I don't know how to code; I'm trying to get started in bug bounty.
@wolfrevokcats7890 7 months ago
Bug bounty is very competitive. You should learn how to code.
@UBNA671 7 months ago
@wolfrevokcats7890 What languages? I'm learning Python steadily. Recently I googled what programming languages are used by the OSI model; do you think finding that information is any good?
@TANKBM 2 years ago
Liked with my eyes closed