🌺
tryhackme notes
  • 🌺TryHackMe Profile Link
  • Learning Paths
    • 🌺CompTIA PenTest+
      • 🍡Intro to Offensive Security
      • 🍡Penetration Testing Tools
        • 🍡Nmap
          • 🍡Nmap Switches
          • 🍡Overview
          • 🍡TCP Connect Scans
          • 🍡SYN Scans
          • 🍡UDP Scans
          • 🍡NULL, FIN, Xmas Scans
          • 🍡Working with the NSE
          • 🍡Practical
        • 🍡Burp Suite
          • 🍡Introduction
          • 🍡Site Map and Issue Definitions
        • 🍡Metasploit
          • 🍡Introduction
          • 🍡Working with Modules
        • 🍡Nessus
          • 🍡Introduction
          • 🍡Scanning!
          • 🍡Scanning a Web Application!
        • 🍡Hydra
          • 🍡Introduction
          • 🍡Using Hydra
      • 🍡Application-based Vulnerabilites
        • 🍡OWASP Top 10
          • 🍡[Severity 1] Command Injection
          • 🍡[Severity 2] Broken Authentication
          • 🍡[Severity 3] Sensitive Data Exposure
          • 🍡[Severity 4] XML External Entity
          • 🍡[Severity 5] Broken Access Control
          • 🍡[Severity 6] Security Misconfiguration
        • 🍡Vulnversity
      • 🍡Local-host Vulnerabilities
      • 🍡Network-based Vulnerabilites
    • 🌺Web Fundamentals
      • 🌺Introduction to Web Hacking
        • 🍡Walking an Application
      • 🌺Pickle Rick
  • Modules
    • 🌺Linux Fundamentals
      • 🍡Linux Fundamentals Part 1
        • 🍡Searching for Files
      • 🍡Linux Fundamentals Part 3
        • 🍡Processes 101
    • 🌺Introduction to Penetration Testing
      • 🍡Pentesting Fundamentals
        • 🍡Penetration Testing Methodologies
          • 🍡Black Box, White Box, Grey Box Penetration Testing
      • 🍡Principals of Security
        • 🍡The CIA Triad
        • 🍡Principles of Privilege
        • 🍡Security Models Continued
        • 🍡Threat Modelling & Incident Response
    • 🌺Introduction to Cyber Security
    • 🌺Pre Security
    • 🌺John the Ripper
  • Rooms
    • 🍡Basic Pentesting
    • 🍡OhSINT
    • 🌸Sakura Room
    • 😼dogcat
Powered by GitBook
On this page
  1. Learning Paths
  2. CompTIA PenTest+
  3. Application-based Vulnerabilites
  4. OWASP Top 10

[Severity 2] Broken Authentication

Notes about Broken Authentication & the practical.

Previous[Severity 1] Command InjectionNext[Severity 3] Sensitive Data Exposure

Last updated 1 year ago

Authentication and seession management are the core components of web applications. Authentication verifies the identity of users and provides them with a session cookie. A session cookie is needed because web servers use HTTP(S) to communicate which is stateless. Attaching a cookie means that the server will know who is sending what data and keep track of their actions.

Ways to mitigate this is for the application to enforce a strong password, apply an automatic lockout for brute force attacks, and implement 2fa or multi factor authentication.

Practical

To login to darren and arthur's account, I simply had to register a new account under both users except with a space before the name.

Darren's account flag.

The authentication system on the website was broken which made it very easy to get into both accounts and retrieve the flags.

🌺
🍡
🍡
🍡