Challenges
CWE-285 Improper Authorization
The REST API does not authorize the user. It should check whether the user making the request is allowed to perform it.


CRUD page generation
Find auto-generated pages that are not used.
Solution
The Transaction controller was generated using Visual Studio. /Transaction/Edit (GET, POST), /Transaction/Delete (GET, POST) and /Transaction/DeleteConfirmed are not used but can be accessed.
You will find the flag in the response header.
Missing Authentication
In this challenge, you need to find endpoints that should be protected but are not.
Solution
Delete the SessionId cookie and try all endpoints. When you try /api/User/GetAvaliableFunds?user={username} or /api/User/ProfileImage?user={username}, you will find that you don't need the SessionId cookie.
You will find the flag in the response header.
Unconfirmed login
In this challenge, you need to access /Transaction with an unconfirmed account.
Solution
Register a new user. Go to /Transaction without confirming your account.
You will find the flag inside the page source.
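How the three issues above (CWE-285 authorization, missing authentication, unconfirmed accounts) would be closed on the server side, as an added ASP.NET Core example that is not the challenge application's own code; ApplicationUser, IFundsService and the action bodies are assumed names:

```csharp
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;

// ApplicationUser and IFundsService are hypothetical names for this example.
[ApiController]
[Route("api/[controller]")]
[Authorize] // every action needs an authenticated session; no anonymous access
public class UserController : ControllerBase
{
    private readonly UserManager<ApplicationUser> _users;
    private readonly IFundsService _funds;

    public UserController(UserManager<ApplicationUser> users, IFundsService funds)
    {
        _users = users;
        _funds = funds;
    }

    // GET /api/User/GetAvaliableFunds?user=alice
    [HttpGet("GetAvaliableFunds")]
    public async Task<IActionResult> GetAvaliableFunds(string user)
    {
        var caller = await _users.GetUserAsync(User);
        if (caller == null)
            return Unauthorized();

        // Unconfirmed accounts get no access to account data.
        // (Identity can enforce this globally with SignIn.RequireConfirmedAccount = true.)
        if (!caller.EmailConfirmed)
            return Forbid();

        // CWE-285: the caller may only read their own funds. The 'user' query
        // parameter is compared against the authenticated identity, never trusted alone.
        if (!string.Equals(caller.UserName, user, StringComparison.OrdinalIgnoreCase))
            return Forbid();

        return Ok(await _funds.GetAvailableFundsAsync(caller.Id));
    }
}

// Scaffolded MVC controller: generated actions the app never uses are deleted,
// not left reachable. Only the actions the application actually needs remain.
[Authorize]
public class TransactionController : Controller
{
    public IActionResult Index() => View();
    // Edit, Delete and DeleteConfirmed were removed after scaffolding.
}
```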