Lab: Multi-step process with no access control on one step

Log in as admin.

Upgrade carlos to admin.

carlos is now an admin.

Try the downgrade.

carlos is back to being a normal user.

Now log in as wiener.

Get wiener's session token.

Paste the session token into the POST request that carries the parameter naming the user being upgraded.

The request changes as follows:

session token: from admin's to wiener's

username: from carlos to wiener

We can see the redirection.

To double-check, log in as admin again.

As we can see, wiener is now an admin.
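
Why the replayed request succeeds, and the fix, as an added example that is not the lab's own code: a model of a two-step role change in which only step 1 checks the caller's role, next to a confirmation step that repeats the check. The function names, the token values and the 302/401 status codes are assumptions made for illustration.

```python
# Constructed model of a two-step role change; all names and tokens are hypothetical.
USERS = {"admin": "admin", "wiener": "normal", "carlos": "normal"}  # username -> role
SESSIONS = {"sess-admin": "admin", "sess-wiener": "wiener"}        # token -> username


def role_of(users, session):
    """Resolve a session token to the caller's role, or None if unknown."""
    return users.get(SESSIONS.get(session))


def step1_select(session, username):
    """Step 1: choose the user to upgrade. Access control is enforced here."""
    if role_of(USERS, session) != "admin":
        return 401
    return 200 if username in USERS else 400


def step2_confirm_vulnerable(users, session, username):
    """Step 2 without a check: it assumes only admins can reach it via step 1."""
    if username not in users:
        return 400
    users[username] = "admin"
    return 302  # redirect back to the admin panel


def step2_confirm_hardened(users, session, username):
    """Step 2 with the role check repeated on the state-changing request."""
    if role_of(users, session) != "admin":
        return 401
    if username not in users:
        return 400
    users[username] = "admin"
    return 302


def replay_confirm(confirm):
    """Send the confirmation with wiener's session and username=wiener."""
    users = dict(USERS)  # fresh copy so each run starts from the same state
    status = confirm(users, "sess-wiener", "wiener")
    return status, users["wiener"]


if __name__ == "__main__":
    print("vulnerable:", replay_confirm(step2_confirm_vulnerable))
    print("hardened:  ", replay_confirm(step2_confirm_hardened))
```

The check belongs on every request that changes state, not only on the page that leads to it.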
