Broken Authentication
Difficulty:
Direct link: TryHackMe - OWASP
Objective
Task 7 Exploit Broken Authentication
Explore a logic flaw within the authentication mechanism.
Scope
Once again, I won't be reposting what can be read in the room. TryHackMe's free resources are invaluable and I highly recommend checking them out for yourself.
This task lays out its steps fairly clearly. Start the machine and navigate to the IP address provided.

Select Register to create an account
Correct VM
Each task has a specific target machine. Be sure to terminate the machine from task 5 before trying to spin up the machine for task 7.
Solution
Following the instructions, I first attempt to register an account with the username 'darren'.

Remember the password you use to create the account.

Expected error when trying to register an existing account name.
Now we try " darren" (with a leading space). There isn't a success message, but we don't get the error either. Let's try logging in with " darren" and the password we used.

This is one example of Broken Authentication.
Task 7.1
What is the flag that you found in darren's account?
darren
I was unable to copy/paste directly from the account. I used dev tools to inspect the page and copy the flag from the "Elements" page.

Task 7.2
What is the flag that you found in arthur's account?
We are given a second account, "arthur", to try the same technique on. Once again, we use a space or null character before a known account name to try re-registering an existing account.
arthur
Register the account name " arthur", then log in with " arthur" and the password you created.
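The logic flaw behind both tasks is that sign-up and the later lookups do not agree on what a username is. The constructed model below (my own example, not the room's application code) assumes the registration duplicate check compares the raw string while the session and profile lookup trim it; the hardened version canonicalizes once at the boundary and keys every lookup on that form, so " darren" and " arthur" are rejected as duplicates. The flag value, passwords and class names are constructed.

```python
import unicodedata

def canonical(username):
    # One canonical username form: Unicode-normalize, trim, lowercase.
    return unicodedata.normalize("NFKC", username).strip().lower()

class VulnerableApp:
    """Exact-match duplicate check at sign-up, trimmed name everywhere after."""
    def __init__(self):
        self.users = []  # rows of (username, password, flag); plaintext only to keep the model short
    def register(self, username, password, flag="none"):
        if any(row[0] == username for row in self.users):  # ' darren' != 'darren', so it passes
            return False
        self.users.append((username, password, flag))
        return True
    def login(self, username, password):
        # Credentials are checked against the raw row, but the session stores a trimmed name.
        if any(row[:2] == (username, password) for row in self.users):
            return {"user": username.strip()}
        return None
    def dashboard(self, session):
        # Profile lookup by trimmed name hits the first row: the original darren account.
        return next((flag for name, _, flag in self.users if name.strip() == session["user"]), None)

class HardenedApp:
    """Canonicalize once at the boundary and key every lookup on that form."""
    def __init__(self):
        self.users = {}  # canonical username -> (password, flag)
    def register(self, username, password, flag="none"):
        key = canonical(username)
        if not key or key in self.users:  # duplicate check on the canonical form
            return False
        self.users[key] = (password, flag)
        return True
    def login(self, username, password):
        key = canonical(username)
        if key in self.users and self.users[key][0] == password:
            return {"user": key}
        return None
    def dashboard(self, session):
        return self.users[session["user"]][1]

def demo(app):
    """Register darren, then attempt the ' darren' re-registration from the task."""
    app.register("darren", "victim-pw", flag="FLAG{constructed}")  # constructed flag value
    if not app.register(" darren", "attacker-pw"):
        return {"registered": False, "flag": None}
    return {"registered": True, "flag": app.dashboard(app.login(" darren", "attacker-pw"))}
```

Running `demo(VulnerableApp())` returns darren's flag through the " darren" session, while `demo(HardenedApp())` reports the second registration as rejected.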

This task and room covered a single Broken Authentication example. You can dig further with this OWASP Cheat Sheet. The next vulnerability on our list is Sensitive Data Exposure. Follow along.