- Популярные видео
- Авто
- Видео-блоги
- ДТП, аварии
- Для маленьких
- Еда, напитки
- Животные
- Закон и право
- Знаменитости
- Игры
- Искусство
- Комедии
- Красота, мода
- Кулинария, рецепты
- Люди
- Мото
- Музыка
- Мультфильмы
- Наука, технологии
- Новости
- Образование
- Политика
- Праздники
- Приколы
- Природа
- Происшествия
- Путешествия
- Развлечения
- Ржач
- Семья
- Сериалы
- Спорт
- Стиль жизни
- ТВ передачи
- Танцы
- Технологии
- Товары
- Ужасы
- Фильмы
- Шоу-бизнес
- Юмор
Lab: CORS vulnerability with basic origin reflection
This website has an insecure CORS configuration in that it trusts all origins.
To solve the lab, craft some JavaScript that uses CORS to retrieve the administrator's API key and upload the code to your exploit server. The lab is solved when you successfully submit the administrator's API key.
You can log in to your own account using the following credentials: wiener:peter
Видео Lab: CORS vulnerability with basic origin reflection канала oldlamb
To solve the lab, craft some JavaScript that uses CORS to retrieve the administrator's API key and upload the code to your exploit server. The lab is solved when you successfully submit the administrator's API key.
You can log in to your own account using the following credentials: wiener:peter
Видео Lab: CORS vulnerability with basic origin reflection канала oldlamb
Комментарии отсутствуют
Информация о видео
5 августа 2023 г. 19:20:32
00:04:56
Другие видео канала
Lab: CORS vulnerability with trusted null origin
Linux Fundamentals (The Shell, Workflow)
NSE 4 FortiGate Security 7.0 (LAB 10: Antivirus)
NSE 4 FortiGate Infrastructure 7.0 (LESSON 01: Routing)
Lab: Exploiting PHP deserialization with a pre-built gadget chain
Lab: Weak isolation on dual-use endpoint
ATutor Authentication Bypass and RCE (Data Exfiltration - 3.6.3)
Lab: Username enumeration via subtly different responses
Lab: Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and single ...
Lab: File path traversal, traversal sequences blocked with absolute path bypass
Web Browsers (Bulk Media Downloader)
Linux Applications (YouTube Tool)
NSE 4 FortiGate Infrastructure 7.0 (LAB 08: Diagnostics)
Lab: JWT authentication bypass via algorithm confusion
NSE 4 FortiGate Infrastructure 7.0 (LAB 06: Fortinet Single Sign-On (FSSO))
Lab: Username enumeration via account lock
Lab: SSRF via flawed request parsing
Lab: Host header authentication bypass
Lab: Blind SQL injection with out-of-band interaction
NSE 4 FortiGate Security 7.0 (LAB 07: Certificate Operations)
NSE 4 FortiGate Security 7.0 (LESSON 05: Firewall Authentication)
