-
Book Overview & Buying
-
Table Of Contents
-
Feedback & Rating

Burp Suite Cookbook
By :

Developer code in an application must include authorization checks on assigned roles to ensure an authorized user is not able to elevate their role to a higher privilege. As an attacker, frequent targets for accessing elevated functionality include parameter tampering, forced browsing, and authentication bypass. These types of privilege escalation attacks may potentially occur by modifying the value of an assigned role or parameter value and replacing that value with another. If the attack is successful, the bad actor gains unauthorized access to resources or functionality normally restricted to administrators or more powerful accounts.
Let’s use the Privilege escalation via server-side prototype pollution PortSwigger lab, which is located in the Prototype pollution section of All labs, as our target application. We will attempt to find a weakness in the Node.js inheritance hierarchy to elevate our privileges within the appli...
Change the font size
Change margin width
Change background colour