Today’s post is #2 in a series of solving the BodgeIt Store vulnerability.
If you want to read the initial post, click HERE.
As the title says, we’re going to solve the vulnerability of finding hidden content as a non-admin user.
Going back to the Scoring Page (About Us –> Scoring Page Link) we see the following. Pay attention to our username, right now we’re logged in as a guest user.
Going to the home page we see the following:
What would happen if we view the HTML source of the page? Let’s try it.
Right clicking the page, and select View Page Source we see:
Hmm… we see a commented code on line 41 (green line) that shows a link to an admin page. What will happen if we navigated to this page?
Navigating to this page we see the following:
We found a hidden page! This page lists the different user, and their role. Along with their BasketId, ProductId, and Quantity.
Let’s bookmark this page because I am sure we will need this page later for the other vulnerabilities.
Going back to the scoring page we see:
The hidden content as a non admin user is now complete (green)!