Lab: Unprotected admin functionality

This lab has an unprotected admin panel. Solve the lab by deleting the usercarlos.

This is where I first tested feroxbuster; it functioned in PowerShell but was a little buggy; I then tested it in Kali and it performed flawlessly; the word list was obtained from GitHub.

On robot.txt you see administrator-panel from the subdomain

At the administrator-panel you find the flag.

PreviousAccess control NextUnprotected admin functionality with unpredictable URL

Last updated 2 years ago