CORS - Lab #4 CORS vulnerability with internal network pivot attack | Long Video скачать в хорошем качестве

CORS - Lab #4 CORS vulnerability with internal network pivot attack | Long Video

In this video, we cover Lab #4 in the CORS module of the Web Security Academy. The website has an insecure CORS configuration in that it trusts all internal network origins. To solve the lab, we craft malicious JavaScript that locates an endpoint on the local network (192.168.0.0/24, port 8080) that we then use to identify and create a CORS-based attack to delete a user. ▬ ✨ Support Me ✨ ▬▬▬▬▬▬▬▬▬▬ Buy my course: https://bit.ly/30LWAtE ▬ 📖 Contents of this video 📖 ▬▬▬▬▬▬▬▬▬▬ 00:00 - Introduction 00:14 - Web Security Academy Course (https://bit.ly/30LWAtE) 01:23 - Navigation to the exercise 02:00 - Understand the exercise and make notes about what is required to solve it 03:17 - Exploit the lab 35:37 - Summary 36:30 - Thank You ▬ 🔗 Links 🔗 ▬▬▬▬▬▬▬▬▬▬ HTML scripts: https://github.com/rkhal101/Web-Secur... Notes.txt document: https://github.com/rkhal101/Web-Secur... Web Security Academy Exercise Link: https://portswigger.net/web-security/... Rana's Twitter account:   / rana__khalil