all InfoSec news
Portswigger’s lab write up: CORS vulnerability with basic origin reflection
Dec. 8, 2022, 3:29 a.m. | Christian Paez
DEV Community dev.to
In this apprentice-level lab, we will exploit a website with a basic CORS vulnerability to obtain a user's private credentials.
Upon logging in with the given credentials, we visit the account details page and check the response headers of the request to /accountDetails that fetches the user's API key:
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Connection: close
Content-Length: 149
{
"username": "wiener",
"email": "",
"apikey": "JQ7ufLKKzNoI4ahWKAKWBG5eP64wgwJW",
"sessions": [
"cdmflpOO6psYIp3novWUytbSDM9i68X1"
]
}
We can see that the Access-Control-Allow-Credentials: true …
basic cors lab origin portswigger vulnerability webdev writeup
More from dev.to / DEV Community
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Security Compliance Architect - Experian Health (Can be REMOTE from anywhere in the US)
@ Experian | ., ., United States
IT Security Specialist
@ Ørsted | Kuala Lumpur, MY
Senior, Cyber Security Analyst
@ Peloton | New York City
Cyber Security Engineer | Perimeter | Firewall
@ Garmin Cluj | Cluj-Napoca, Cluj County, Romania
Pentester / Ethical Hacker Web/API - Vast/Freelance
@ Resillion | Brussels, Belgium