In this walk through, we will be going through the Without password vulnerability section from Webgoat Labs. We will be exploring and exploiting login panels without password and learn how application are affected because of it. So, let’s get started with the Hacking without any delay.
- In this challenge, we have to login as Larry without any password.
- I tried to check for the SQL injection in the username field and got a response to enter the correct username.
- I intercepted the request via Burpsuite and test the password field instead with an apostrophe and got an SQL error. Bingo!
- I used the below SQL payload to bypass the authentication and got the flag in the response.
' OR 1=1-- -
- Submitted the flag to complete the challenge.
Also Read: Webgoat – Vulnerable Components
Conclusion:
So, we finally completed the Webgoat Without password section. Next, we can mitigate these types of attacks by performing input sanitization and using prepared statements or parametrized queries for every SQL query made by the application to the database. On that note, i will take your leave and will meet you in next one with another Webgoat vulnerability writeup, till then “Keep Hacking”.