This post is by a banned member (Jxdskii) - Unhide
13 December, 2019 - 05:23 PM
Reply
You have the admin access to only those pages which are having broken authentication, Not to all
If you tracerse to any other page it might ask you the admin credentials cuz it is secured by this vulnerability
This post is by a banned member (ninja2415) - Unhide
06 July, 2020 - 03:39 AM
Reply
This post is by a banned member (Pentester708) - Unhide
OP 08 July, 2020 - 08:02 AM
Reply
This post is by a banned member (marsbros140) - Unhide
17 July, 2020 - 01:14 PM
Reply
(14 November, 2019 - 03:31 AM)Pentester708 Wrote: Show MoreLEAVE A LIKE MATES THANKS
Started a New Shit Yesterday(Got a Hit That Very Moment)
Its Broken Authentication(OWASP TOP 10)
I wont be going much technical into it for all the public taken into consideration
It is a way to bypass the authentication in a website without entering the username/password .As the name says broken authentication means the authentication flow set by that website has some other way round to get in
Example: 1. www.xyz.com/admlogin has an authentication set
2. Inside that admin login there is a page like www.xyz.com/admlogin/editdetails.aspx
3. So Instead of going to /admlogin you directly went to the other URL and boom you are inside the admin login without having to enter the username and password(Thats just one basic example)
Now here is the website:
Here is the inside page URL: Just add /admin/home.php to the above URL and You are an admin with all the permissions
Note: You have the admin access to only those pages which are having broken authentication, Not to all
If you tracerse to any other page it might ask you the admin credentials cuz it is secured by this vulnerability
whats this
This post is by a banned member (wwqerfsdve12e) - Unhide
24 July, 2020 - 04:26 AM
Reply
(14 November, 2019 - 03:31 AM)Pentester708 Wrote: Show MoreLEAVE A LIKE MATES THANKS
Started a New Shit Yesterday(Got a Hit That Very Moment)
Its Broken Authentication(OWASP TOP 10)
I wont be going much technical into it for all the public taken into consideration
It is a way to bypass the authentication in a website without entering the username/password .As the name says broken authentication means the authentication flow set by that website has some other way round to get in
Example: 1. www.xyz.com/admlogin has an authentication set
2. Inside that admin login there is a page like www.xyz.com/admlogin/editdetails.aspx
3. So Instead of going to /admlogin you directly went to the other URL and boom you are inside the admin login without having to enter the username and password(Thats just one basic example)
Now here is the website:
Here is the inside page URL: Just add /admin/home.php to the above URL and You are an admin with all the permissions
Note: You have the admin access to only those pages which are having broken authentication, Not to all
If you tracerse to any other page it might ask you the admin credentials cuz it is secured by this vulnerability
dsafghjkhmngbfvdcs
This post is by a banned member (harry_potter) - Unhide
11 August, 2020 - 08:27 PM
Reply
(14 November, 2019 - 03:31 AM)Pentester708 Wrote: Show MoreLEAVE A LIKE MATES THANKS
Started a New Shit Yesterday(Got a Hit That Very Moment)
Its Broken Authentication(OWASP TOP 10)
I wont be going much technical into it for all the public taken into consideration
It is a way to bypass the authentication in a website without entering the username/password .As the name says broken authentication means the authentication flow set by that website has some other way round to get in
Example: 1. www.xyz.com/admlogin has an authentication set
2. Inside that admin login there is a page like www.xyz.com/admlogin/editdetails.aspx
3. So Instead of going to /admlogin you directly went to the other URL and boom you are inside the admin login without having to enter the username and password(Thats just one basic example)
Now here is the website:
Here is the inside page URL: Just add /admin/home.php to the above URL and You are an admin with all the permissions
Note: You have the admin access to only those pages which are having broken authentication, Not to all
If you tracerse to any other page it might ask you the admin credentials cuz it is secured by this vulnerability
thanks to much
This post is by a banned member (xFadi) - Unhide
12 October, 2021 - 03:44 AM
Reply
(14 November, 2019 - 03:31 AM)Pentester708 Wrote: Show MoreLEAVE A LIKE MATES THANKS
Started a New Shit Yesterday(Got a Hit That Very Moment)
Its Broken Authentication(OWASP TOP 10)
I wont be going much technical into it for all the public taken into consideration
It is a way to bypass the authentication in a website without entering the username/password .As the name says broken authentication means the authentication flow set by that website has some other way round to get in
Example: 1. www.xyz.com/admlogin has an authentication set
2. Inside that admin login there is a page like www.xyz.com/admlogin/editdetails.aspx
3. So Instead of going to /admlogin you directly went to the other URL and boom you are inside the admin login without having to enter the username and password(Thats just one basic example)
Now here is the website:
Here is the inside page URL: Just add /admin/home.php to the above URL and You are an admin with all the permissions
Note: You have the admin access to only those pages which are having broken authentication, Not to all
If you tracerse to any other page it might ask you the admin credentials cuz it is secured by this vulnerability
5hqnwjww
This post is by a banned member (lolitsme) - Unhide
12 October, 2021 - 08:23 AM
Reply
![[Image: Udpc9Lb.gif]](https://i.imgur.com/Udpc9Lb.gif)
