Lab: Insecure direct object references
when you click the view transcript you can dowloand the conversation
as you can see the txt file name starts with 2
here it starts with 2
send it to repeater and see the first file txt which is 1.txt
login as carlos with that credential
PreviousLab: Unprotected admin functionalityNextLab: Multi-step process with no access control on one step
Last updated