1. Web Security Academy
  2. CORS
  3. Lab

Lab: CORS vulnerability with internal network pivot attack

EXPERT

This website has an insecure CORS configuration in that it trusts all internal network origins.

To help solve this lab you can use the Burp Collaborator client or use the access logs provided on the exploit server.

This lab requires multiple steps to complete. To solve the lab, craft some JavaScript to locate an endpoint on the local network (192.168.0.0/24, port 8080) that you can then use to identify and create a CORS-based attack to delete a user. The lab is solved when you delete user Carlos.