Bypass Authentication

AppSec Tales II | Sign-inMedium

Default Password

Default Credentials

Re-registration of an existing user

1. There is an existing user with the name admin

2. Register a new user " admin" (space in the starting)

3. Login with " admin"

4. That user will have the same right as normal admin. That new user will also be able to see all the content presented under the user admin.

X-Forwarded-For

Try with:

X-Forwarded-For: 127.0.0.1

MSSQL Unicode Collation

:~$ curl -i "http://localhost:5055/login" -X POST -d "email=💩&password=foo"
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Tue, 26 Nov 2024 02:56:43 GMT
Server: Kestrel
Transfer-Encoding: chunked

"Logged in user ID 9"

Tales From The Crypt: Microsoft Unicode Collation Oddities Leading to Software VulnerabilitiesPulse Security

SQL injection

SQL Injection

Interesting Books

Interesting Books

Disclaimer: As an Amazon Associate, I earn from qualifying purchases. This helps support this GitBook project at no extra cost to you.

• The Web Application Hacker’s Handbook The go-to manual for web app pentesters. Covers XSS, SQLi, logic flaws, and more

• Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities Learn how to perform reconnaissance on a target, how to identify vulnerabilities, and how to exploit them

• Real-World Bug Hunting: A Field Guide to Web Hacking Learn about the most common types of bugs like cross-site scripting, insecure direct object references, and server-side request forgery.