Загрузка...

Multi-Step Access Control Bug Exploit 🔐 | Become Admin Without Permission (Burp Suite Lab-12)

এই ভিডিওতে আমি দেখিয়েছি কীভাবে একটি Multi-step process vulnerability ব্যবহার করে খুব সহজেই একজন normal user থেকে admin হওয়া যায় 😈

📌 Lab Scenario:
একটা admin panel আছে যেখানে role change করার process multi-step, কিন্তু একটি step-এ access control properly implement করা হয়নি।

💡 আমি কী করেছি:

প্রথমে admin account দিয়ে login
তারপর role change request capture করেছি (Burp Suite)
পরে normal user (wiener) দিয়ে login করে
session cookie replace করে request replay 😎
Boom! আমি admin হয়ে গেছি 🚀

👉 এই ভিডিওটা especially useful যারা Web Security / Bug Bounty / Pentesting শিখতেছো তাদের জন্য

⚠️ Note: Only for educational purposes. Never test without permission.

#BugBounty #WebSecurity #AccessControl #BurpSuite #EthicalHacking #CyberSecurity #Pentesting #HackingLab #OWASP #InfoSec #LearnHacking #SecurityTesting #BanglaCyber

Видео Multi-Step Access Control Bug Exploit 🔐 | Become Admin Without Permission (Burp Suite Lab-12) канала Hacking Bangla
OSA Security OSA Security Bangla ethical hacking bangla cyber security bangla bug bounty bangla bug bounty hunting web security web hacking web hacking bangla penetration testing pentesting xss tutorial sql injection tutorial burp suite tutorial bug bounty tutorial hacking tutorial bangla cyber security tutorial bangla cyber security training ethical hacker tutorial linux for hackers kali linux hacking tutorial web ctf tutorial bug bounty live hunting
Комментарии отсутствуют
Зарегистрируйтесь или войдите с
Информация о видео
10 апреля 2026 г. 13:29:43
00:03:28
Hacking Bangla
Теги
Правообладателям
Жалоба на материал Недопустимый материал Нарушение авторских прав
Комментарии
Поделиться
Другие видео канала

Password Reset Bug Exploit 😱 | Account Takeover Without Token | Bug Bounty Bangla lab-03Password Reset Bug Exploit 😱 | Account Takeover Without Token | Bug Bounty Bangla lab-03

Mastering FFUF HTTP Options 🔥 | Complete Bangla Guide for CTF & PentestingMastering FFUF HTTP Options 🔥 | Complete Bangla Guide for CTF & Pentesting

Access Control Bypass Using HTTP Methods | Bug Bounty Technique Bangla Tutorial lab-11Access Control Bypass Using HTTP Methods | Bug Bounty Technique Bangla Tutorial lab-11

SQL Injection in WHERE Clause | Retrieve Hidden Data | PortSwigger Lab-1 WalkthroughSQL Injection in WHERE Clause | Retrieve Hidden Data | PortSwigger Lab-1 Walkthrough

VS Code এ Markdown File কিভাবে বানাবো | Beginner Guide | Markdown Tutorial BanglaVS Code এ Markdown File কিভাবে বানাবো | Beginner Guide | Markdown Tutorial Bangla

When Hearts Collide – Love at First Breach 2026 CTF | Bangla TutorialWhen Hearts Collide – Love at First Breach 2026 CTF | Bangla Tutorial

picoCTF Network Forensics | Ph4nt0m 1ntrud3r PCAP Analysis ExplainedpicoCTF Network Forensics | Ph4nt0m 1ntrud3r PCAP Analysis Explained

File Upload Vulnerability Exploit | .htaccess Blacklist Bypass Explained Bangla Lab-04File Upload Vulnerability Exploit | .htaccess Blacklist Bypass Explained Bangla Lab-04

Reflected XSS into Attribute with Angle Brackets HTML Encoded | PortSwigger Lab-06 Solution BanglaReflected XSS into Attribute with Angle Brackets HTML Encoded | PortSwigger Lab-06 Solution Bangla

How I Hacked Bounty Hacker Room | Full CTF Solution BanglaHow I Hacked Bounty Hacker Room | Full CTF Solution Bangla

Blind SSRF with Out-of-Band Detection | SSRF Explained | Web Security Lab-3 WalkthroughBlind SSRF with Out-of-Band Detection | SSRF Explained | Web Security Lab-3 Walkthrough

picoCTF Forensics | Hidden in Plain Sight | Bangla TutorialpicoCTF Forensics | Hidden in Plain Sight | Bangla Tutorial

এই একটা Command দিলেই শেষ! 😨 Kali Linux Dangerous Commandএই একটা Command দিলেই শেষ! 😨 Kali Linux Dangerous Command

WHOIS Record Explained | Domain Reconnaissance for Pentesting | Bangla TutorialWHOIS Record Explained | Domain Reconnaissance for Pentesting | Bangla Tutorial

Blind OS Command Injection with Out-of-Band Interaction | PortSwigger Lab WalkthroughBlind OS Command Injection with Out-of-Band Interaction | PortSwigger Lab Walkthrough

Source Code Disclosure via Backup Files | Apprentice Lab | Bangla TutorialSource Code Disclosure via Backup Files | Apprentice Lab | Bangla Tutorial

Basic SSRF against Another Back-End System | Lab-02 SolutionBasic SSRF against Another Back-End System | Lab-02 Solution

PicoCTF Unminify Walkthrough | Web Exploitation | Bangla TutorialPicoCTF Unminify Walkthrough | Web Exploitation | Bangla Tutorial

SQL Injection Attack | Querying Database Type & Version on Oracle | PortSwigger Lab-03SQL Injection Attack | Querying Database Type & Version on Oracle | PortSwigger Lab-03

Referer Header Exploit 🔓 | Become Admin Using Access Control Bypass (Burp Suite Lab)Referer Header Exploit 🔓 | Become Admin Using Access Control Bypass (Burp Suite Lab)

Яндекс.Метрика
© 2008-2026 «Информационно-развлекательный портал города Верхняя Салда»
salda.ws@mail.ru salda_ws Контакты Карта портала Сообщить об ошибке Соглашения Пользовательское соглашение Соглашение о конфиденциальности Согласие на обработку персональных данных Информация для правообладателей Об использовании Cookies
Все заметки Новая заметка Страницу в заметки
Страницу в закладки Мои закладки
На информационно-развлекательном портале SALDA.WS применяются cookie-файлы. Нажимая кнопку Принять, вы подтверждаете свое согласие на их использование.
О CookiesНапомнить позжеПринять