Testing for bypassing authentication schemes
Applications may contain flaws, allowing unauthorized access by bypassing the authentication measures in place. Bypassing techniques include a direct page request (that is, forced browsing), parameter modification, session ID prediction, and SQL injection.
For this recipe, we will use parameter modification.
Getting ready
Edit the parameters of an authenticated request for a lower-privilege user to elevate up to an admin. We will use Proxy | Intercept during login and manipulate some cookie values to become a higher role. Once our privileges have been escalated, we can gain access to administrative functionality without knowing the admin’s credentials.