Hack This Site: Realistic Web Mission – Level 10

-- Introduction -- Oh hello, fancy seeing you here. Today we're looking at Hack This Site Realistic Web Mission 10. In other words, we're going to demonstrate how not to implement authentication mechanisms. Overall, this mission was a lot of fun. It required creating a wordlist from a list of publicly listed teachers. Then, we used that wordlist to brute force the login page to gain access to the staff control panel. Once logged in, we had to flag ourselves as an admin by modifying our cookies. Then, we modified a post request to change the grades. -- Full Article -- https://haxez.org/2021/10/hack-this-site-realistic-web-mission-level-10/ -- Links -- • HaXeZ - https://haxez.org/ • Twitter - https://twitter.com/haXez_org • Medium - https://medium.com/@joemcfarland