Skip to content

4.8.web info disclosure error messages(Web Security Academy)

Web Security Academy >> Information disclosure >> Exploiting >> Lab

This labā€™s verbose error messages reveal that it is using a vulnerable version of a third-party framework. To solve the lab, obtain and submit the version number of this framework.

Information disclosure in errorĀ messages

First of all, do not forget that he wants us to obtain the version number of the frameworkĀ , Because it is a weak versionĀ .

As a person who specializes in web testing, you must, above all else, browse the page very normally, and then do unnatural things.

After starting to search the page, I found that there are a number of products, and each product has a number (productId).

We can also find out this using BURPĀ :

So, when the productId number is changed, it gives a different value every timeĀ , These are called GET requests, or get-result requests.

There are other types of requests called post, and they are used when logging in to the site. In other words, they occur when data is sent from our device to the server we are talking to, or in other words, data is sent from the client to the server.

https://0a7a005304e36a5981cbdebf00cb0079.web-security-academy.net/product?productId=2

/product?productId=2

In the end, we know that no matter how many numbers the value changes, it will give us a normal result because in the end, the numbers refer to the pages.\ Our task here is to obtain an abnormal result, so we will change the value of the productId to something variable, using several methods.

Congratulations, you solved theĀ lab!

The result after that will be the error message you are looking for, but I will show the error message in a stronger way than this, in the following wayĀ :

Congratulations, you solved theĀ lab!

Here we have made the intercept is on and we are requesting the productId and making the actual value of the productId ==AS_CYBER, and therefore the error message will be displayed when the request is forwarded.

There is another way, which I actually prefer, and the desired error message will be outputĀ :

We will send one of the GET requests to the sent to repeaterĀ , thenĀ :

Congratulations, you solved theĀ lab!

We will move to the Repeater tab, then you will change the productId number to /product?productId=ā€Abdelwahab_Shandyā€\ Then you will send the request\ You will find that the answer is as follows:\ You will find the error message and what you need to prove in this tabĀ .

See you soon in other reportsā€¦.!!

Abdelwahab_Shandy

AS_Cyber