Privilege Escalation

Normal User’s Profile
Decode value of ‘param’
Replace value of ‘SelectroleName’ parameter to high privileged user
Encode value of ‘param’
Super Admin’s Profile
Decode value of ‘param’
Replace value of ‘userid’ parameter to high privileged user
Encode value of ‘param’

This exploit was possible because the application does not implemented proper mapping of the user to the corresponding accessibility privilege.

--

--

--

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Firebase Realtime Remote Config

Advent of code: Rust, Go, and Binary operators

Adding and Removing Data in the Database

Reasons to Use Microsoft .NET Framework for App Development

An Hour Of Python : Day 3 &4

Software architecture recommendations by Mark Richards

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Mohan Thakur

Mohan Thakur

More from Medium

Day 7: Cross site scripting (XSS)

Anonymous Tryhackme Write-up

XSS through SQL Injection — VoN — BCACTF 2022

HTB impossible password write-up