Client-Side Validation (Password) - Low Security Level
Solution:
*Note: I am using BurpSuite pre configured browser, in case if you are not using the pre configured browser then please configure the browser with proxy and then follow the below steps.
Step 1. On the lesson page Give the Current, new and re-type the password.
Step 2. Click on change, go to BurpSuite forward the request and turn off the intercept
Step 3. Note the output on the lesson page - The password has been changed!
Step 4. Logout from the lesson page.
Step 5. Go to the bWAPP main page and try to login with bee bug, it will not allow
Now give the new password and then the login will be successful.
PseudoTime
