How I Hacked A Vulnerable Bank Application
Introduction Good day hackers, welcome to my blog again. In this writeup i will take you through how i was able to exploit an intentional Vulnerable Bank Application by Ghost St. Badmus, One of the best Application Security Engineers in the industry. You can find the Lab here: Vulnerable Bank Application 🏦 or vulnbank.org. Authentication & Authorization Vulnerabilities SQL Injection in login The first thing we will see when we access the application is the Login/Register page,we will try logging in with a simple SQLI payload to see if the application is vulnerable to SQLI. After using ‘or 1=1- - as the username and pass as password,we were logged in as the admin. ...