1
00:00:01,120 --> 00:00:02,890
Hello and welcome, everyone.

2
00:00:03,370 --> 00:00:10,360
So in this video, we are going to see a login bypass on a live web application. So far we have seen

3
00:00:10,360 --> 00:00:16,530
login bypass on the lab exercises, but now we have moved to the live web application.

4
00:00:16,840 --> 00:00:22,260
So here is an application, which is technical traders dot com, login dot PHP.

5
00:00:22,270 --> 00:00:25,030
And this is an admin login, which we are going to bypass.

6
00:00:25,170 --> 00:00:31,300
So here we are also going to try with default credentials, which is admin and admin, and let's see

7
00:00:31,300 --> 00:00:32,540
if it works for us or not.

8
00:00:33,100 --> 00:00:36,860
And you can see it gives an error to us, which is wrong username and password.

9
00:00:36,880 --> 00:00:44,020
Let's try with admin and password as password this time and log in, and you can see it still gives the

10
00:00:44,020 --> 00:00:48,420
error, which means that we are not able to bypass this with the default credentials.

11
00:00:48,940 --> 00:00:55,570
So let's try to do some injection and we will see some SQL queries to bypass the login.

12
00:00:56,830 --> 00:00:58,890
So we wish to log in as admin.

13
00:00:58,900 --> 00:01:04,600
So I'm going to write admin, and in the password field I'm going to write an SQL query, which is

14
00:01:04,600 --> 00:01:09,250
this. We have already discussed this query and have done a breakdown.

15
00:01:09,460 --> 00:01:14,850
So let's copy-paste this over here and hit login, and let's see if we are able to log in.

16
00:01:15,190 --> 00:01:21,310
And you can see we are successfully able to log in to the application, and you can see welcome admin

17
00:01:21,910 --> 00:01:23,290
and yet is allowed.

18
00:01:23,290 --> 00:01:31,780
But now I can go on to inventory, sales, history, etc., etc., and see a lot of sensitive information

19
00:01:31,960 --> 00:01:34,660
which is only visible to the admin account.

20
00:01:35,440 --> 00:01:43,420
But we will not move to any of these buttons or go on to any places because it may leak some of the sensitive

21
00:01:43,690 --> 00:01:46,210
information of the target application.

22
00:01:46,810 --> 00:01:56,980
So I'll just log out, and I hope you guys understood how you can also identify login bypass vulnerabilities

23
00:01:56,980 --> 00:02:01,390
on web applications by using the query on the home page,

24
00:02:01,540 --> 00:02:04,870
where there is the login details and the username field.

25
00:02:05,080 --> 00:02:11,200
You can try with different usernames that you want, but if you try admin, it contains the highest

26
00:02:11,200 --> 00:02:11,770
privilege.

27
00:02:11,980 --> 00:02:19,090
So if you get logged in using admin, it is going to give you more rate which will contain more criticality

28
00:02:19,090 --> 00:02:22,870
and severity if you are going to report it to any bug bounty program.

29
00:02:23,980 --> 00:02:30,160
So I would recommend always try to log in with first the default credentials, and then you can try to

30
00:02:30,160 --> 00:02:35,550
log in with the bypass query that we have seen on multiple web applications.

31
00:02:35,560 --> 00:02:43,510
It works most of the time for poorly developed websites in which there are SQL issues, and it will

32
00:02:43,510 --> 00:02:46,270
work for you for most of the applications.

33
00:02:46,810 --> 00:02:48,150
So I hope you guys understood.

34
00:02:48,160 --> 00:02:54,430
In case you have any issues or you have any doubts or queries, you can always ask in the Q&A section.

35
00:02:55,120 --> 00:02:55,600
Thank you.