3 Videos for Authentication 03

PRO
Tier
Easy
< 1 Hr.
18185
Access to videos for this exercise is only available with PentesterLab PRO.
Authentication 03: Introduction

In this video, we cover the Authentication 03 challenge from the Essential Badge, where the goal is to bypass an application's restriction on creating an account with the username "admin." By exploiting case-insensitive string comparisons in the database, you can gain access to the admin account.

Duration: 02:24 | Views: 850

 

Spoiler
Authentication 03

In this video, we tackle the Authentication 03 challenge from the Essential Badge. The focus is on exploiting a common web application vulnerability related to case-sensitive username checks, allowing us to create an admin account by manipulating the case of the username.

Duration: 03:18 | Views: 11582

 

Authentication 03: Code Review

In this video, we conduct a source code review of the Authentication 03 challenge. We examine a Ruby application that utilizes the Sinatra framework, Active Record for database access, and rack-session-sequel for session management.

Duration: 07:11 | Views: 2461