Lab: 2FA simple bypass

Katjah Smith👩🏽‍💻
2 min read, Feb 24, 2022


Hey everyone, welcome to my lab blog series on authentication, based on the Web Security Academy learning path. I am excited to do this lab and share my experience with you. Please check it out below! 😃

Vulnerability:

Two-factor authentication (2FA) bypass

Tools:

Aim:

Access Carlos’s account page

Solution:

From the home page of the lab, navigate to the ‘My account’ page and use the credentials provided for the lab to log in:

Your credentials: wiener:peter

Select the ‘Email client’ button at the top of the page to open the email client. Return to the login page and enter the security code from the email to verify the account.

Make note of the URL after verification (it ends in /my-account).

Log out of wiener’s account and log in to Carlos’ account:

Victim’s credentials: carlos:montoya

When prompted for the verification code, change the URL from

https://ac5e1fb31e6ae68cc0b290f0000d00a5.web-security-academy.net/login2

to

https://ac5e1fb31e6ae68cc0b290f0000d00a5.web-security-academy.net/my-account

This gives access to Carlos’ account with a total bypass of his 2FA verification, which would have sent a security code to his email, an inbox I don’t have access to. The application treats the session as logged in as soon as the password step succeeds, so it never checks that the second step was completed before serving the account page.

This eye-opening lab provided insight into how easy it can be to bypass 2FA verification if the application does not enforce the second step properly.
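To show where the lab’s flaw lives on the server side, here is an added example (my own Python model, not PortSwigger’s code) of a two-step login held in a session dictionary. The user store, the session layout and the function names are constructed for the example; the vulnerable account handler only checks the password step, while the fixed one also requires the 2FA step.

```python
import hmac
import secrets

# Constructed user store for the example; plaintext only for brevity
# (a real application stores password hashes).
USERS = {"wiener": "peter", "carlos": "montoya"}


def new_session():
    """Fresh session: nothing verified yet."""
    return {"user": None, "password_ok": False, "mfa_ok": False, "pending_code": None}


def login_step1(session, username, password):
    """Password check (/login). Issues a 2FA code but must NOT grant access yet."""
    stored = USERS.get(username)
    if stored is None or not hmac.compare_digest(stored, password):
        return False
    session["user"] = username
    session["password_ok"] = True
    session["mfa_ok"] = False  # a new login always restarts the 2FA step
    session["pending_code"] = f"{secrets.randbelow(10**4):04d}"  # would be emailed
    return True


def login_step2(session, code):
    """Security code check (/login2). Only valid after a successful password step."""
    if not session["password_ok"] or session["pending_code"] is None:
        return False
    if not hmac.compare_digest(session["pending_code"], code):
        return False
    session["mfa_ok"] = True
    session["pending_code"] = None  # single use
    return True


def my_account_vulnerable(session):
    """Lab behaviour: serves the page as soon as the password step succeeded."""
    if session["password_ok"]:
        return f"account page for {session['user']}"
    return "redirect:/login"


def my_account_fixed(session):
    """Hardened: requires both steps; a half-finished login is sent back to /login2."""
    if session["password_ok"] and session["mfa_ok"]:
        return f"account page for {session['user']}"
    if session["password_ok"]:
        return "redirect:/login2"
    return "redirect:/login"
```

Requesting /my-account between the two steps reaches the account page in the vulnerable handler and is bounced back to the code prompt in the fixed one.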
