2FA simple bypass
https://portswigger.net/web-security/learning-paths/server-side-vulnerabilities-apprentice/authentication-apprentice/authentication/multi-factor/lab-2fa-simple-bypass
Description
This lab's two-factor authentication can be bypassed. You have already obtained a valid username and password, but do not have access to the user's 2FA verification code. To solve the lab, access Carlos's account page.
Your credentials:
wiener:peterVictim's credentials
carlos:montoya
Solution
Starting login as wiener user, after inserting username and password, the system asks us a 4-digit security code.
We can request the numeric secure code clicking on Email client button:
inserting it in the dedicated field, we log us correctly as 'wiener':
Save the URL page: https://0a6b0064035e981b809621c7009f0018.web-security-academy.net/my-account?id=wiener
Checking request there's two login form:
'Login' page:
and 'Login2' page, with GET method:
and with POST method:
All clear, Logout from wiener's account and try to login into carlos's account (carlos:montoya):
clicking on "Email client" button we can't see dedicated code message.
Remember the URL relative to 'wiener' account, we can try to change it manually and jump/bypass the 2FA check, solving the lab:
https://0a6b0064035e981b809621c7009f0018.web-security-academy.net/my-account?id=carlos
Last updated