Business Logic Vulnerabilities - Lab #7 Weak isolation on dual-use endpoint | Short Version

In this video, we cover Lab #7 in the Business Logic Vulnerabilities module of the Web Security Academy. This lab makes a flawed assumption about the user's privilege level based on their input. As a result, we can exploit the logic of its account management features to gain access to arbitrary users' accounts. To solve the lab, we access the administrator account and delete Carlos. You can log in to your own account using the following credentials: wiener:peter ▬ ✨ My Academy ✨ ▬▬▬▬▬▬▬▬▬▬ Subscribe to Academy: https://academy.ranakhalil.com/p/all-... ▬ 🔗 Links 🔗 ▬▬▬▬▬▬▬▬▬▬ Python script: https://github.com/rkhal101/Web-Secur... Notes.txt document: https://github.com/rkhal101/Web-Secur... Web Security Academy Exercise Link: https://portswigger.net/web-security/... Rana's Twitter account:   / rana__khalil  

Join Today
Business Logic Vulnerabilities - Lab #8 Insufficient workflow validation | Short Version
▶︎

Business Logic Vulnerabilities - Lab #8 Insufficient workflow validation | Short Version

Business Logic Vulnerabilities - Lab #6 Inconsistent handling of exceptional input | Short Video
▶︎

Business Logic Vulnerabilities - Lab #6 Inconsistent handling of exceptional input | Short Video

Business Logic Vulnerabilities - Lab #5 Low Level Logic Flaw | Short Video
▶︎

Business Logic Vulnerabilities - Lab #5 Low Level Logic Flaw | Short Video

Business Logic Vulnerabilities - Lab #5 Low Level Logic Flaw | Long Video
▶︎

Business Logic Vulnerabilities - Lab #5 Low Level Logic Flaw | Long Video

SSRF Lab 3 - Blind SSRF with out-of-band detection (2 Solution Methods)
▶︎

SSRF Lab 3 - Blind SSRF with out-of-band detection (2 Solution Methods)

Why Aliens Would NEVER Invade Africa
▶︎

Why Aliens Would NEVER Invade Africa

Billionaire's WARNING: I'm SELLING. The Crash Is Already Here!
▶︎

Billionaire's WARNING: I'm SELLING. The Crash Is Already Here!

Business Logic Vulnerabilities - Lab #4 Flawed enforcement of business rule | Long Version
▶︎

Business Logic Vulnerabilities - Lab #4 Flawed enforcement of business rule | Long Version

Abstract Black and White wave pattern| Height Map Footage| 3 hours Topographic 4k Background
▶︎

Abstract Black and White wave pattern| Height Map Footage| 3 hours Topographic 4k Background

Clear Mind Intense Focus | Ambient Techno | ADHD High Focus Support
▶︎

Clear Mind Intense Focus | Ambient Techno | ADHD High Focus Support

How to Disappear Online and Become Untraceable
▶︎

How to Disappear Online and Become Untraceable

Business Logic Vulnerabilities - Lab #1 Excessive trust in client-side controls | Short Version
▶︎

Business Logic Vulnerabilities - Lab #1 Excessive trust in client-side controls | Short Version

What Ukraine Just Did to Putin's Su-57s Is CRAZY… They Are DONE
▶︎

What Ukraine Just Did to Putin's Su-57s Is CRAZY… They Are DONE

SUMMER DEEP HOUSE Musics Mix 2026 ♫ Bruno Mars, Lady Gaga,Dua Lipa, Adele,Ed Sheeran, The Weeknd #29
▶︎

SUMMER DEEP HOUSE Musics Mix 2026 ♫ Bruno Mars, Lady Gaga,Dua Lipa, Adele,Ed Sheeran, The Weeknd #29

DEF CON 33 - Kill List: Hacking an Assassination Site on the Dark Web - Carl Miller, Chris Monteiro
▶︎

DEF CON 33 - Kill List: Hacking an Assassination Site on the Dark Web - Carl Miller, Chris Monteiro

How US Air Force B 52 Pilot Performed an Emergency Takeoff at Full Speed
▶︎

How US Air Force B 52 Pilot Performed an Emergency Takeoff at Full Speed

40Hz Binaural Gamma Waves - Ultra Deep Concentration
▶︎

40Hz Binaural Gamma Waves - Ultra Deep Concentration

Business Logic Vulnerabilities - Lab #7 Weak isolation on dual-use endpoint | Long Version
▶︎

Business Logic Vulnerabilities - Lab #7 Weak isolation on dual-use endpoint | Long Version