[prev in list] [next in list] [prev in thread] [next in thread]
List: owasp-webgoat
Subject: Re: [Owasp-webgoat] Broken Access Control
From: <Holger.Peine () iese ! fraunhofer ! de>
Date: 2006-09-25 7:01:00
Message-ID: 687F148231CEBF449E6206E3FA7AAC3F20BD12 () hermes ! iese ! fhg ! de
[Download RAW message or body]
> I am stuck up with the lesson Broken Access Control - Remote
> Admin Access . I had run through the Java code and
> unfortunately I couldn't make it.
Add "admin=true" as a GET parameter to _every_ URL used to complete
that lesson.
Regards,
Holger Peine
--
Dr. Holger Peine, Security and Safety
Fraunhofer IESE, Fraunhofer-Platz 1, 67663 Kaiserslautern, Germany
Phone +49-631-6800-2134, Fax -1899 (shared)
PGP key via http://pgp.mit.edu ; fingerprint is 1BFA 30CB E3ED BA99 E7AE
2BBB C126 A592 48EA F9F8
_______________________________________________
Owasp-webgoat mailing list
Owasp-webgoat@lists.owasp.org
http://lists.owasp.org/mailman/listinfo/owasp-webgoat
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic