Exploiting a Mass Assignment Vulnerability

Опубликовано: 26 Февраль 2024
на канале: Intigriti
8,024
106

👩‍🎓👨‍🎓 Learn about API testing! To solve this lab, we'll need to find and exploit a mass assignment vulnerability to buy a Lightweight l33t Leather Jacket.

If you're struggling with the concepts covered in this lab, please review https://portswigger.net/web-security/... 🧠

🔗 ‪@PortSwiggerTV‬ challenge: https://portswigger.net/web-security/...

🧑💻 Sign up and start hacking right now - https://go.intigriti.com/register

👾 Join our Discord - https://go.intigriti.com/discord

🎙️ This show is hosted by   / _cryptocat   ( ‪@_CryptoCat‬ ) &   / intigriti  

👕 Do you want some Intigriti Swag? Check out https://swag.intigriti.com

Overview:
0:00 Intro
0:15 Mass assignment vulnerabilities
0:33 Identifying hidden parameters
1:15 Testing mass assignment vulnerabilities
1:57 Lab: Finding and exploiting an unused API endpoint
2:13 Explore site functionality
3:02 Review API docs
4:08 Exploit mass assignment to apply discount
5:37 Preventing vulnerabilities in APIs
6:34 Conclusion