Multi-step process with no access control on one step

https://portswigger.net/web-security/access-control/lab-multi-step-process-with-no-access-control-on-one-step

Let's log in as the admin using the following credentials:

Username: administrator
Password: admin

Let's now promote the carlos user to admin through the normal multi-step flow.

Since we are proxying the traffic through Burp Suite, we can view the request that performs the promotion in the Proxy > HTTP History tab.

Let's send this request to the Repeater for further modification.

Next, let's log in using the following credentials:

Username: wiener
Password: peter

Let's view the session cookie in the Proxy > HTTP History tab.

We now have to replace the session cookie in the Repeater tab with the wiener user's session cookie.

We also have to set the username parameter to the following:

wiener

Let's go check in the browser.

We have solved the lab.
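The lab works because only the first step of the promotion flow checks the caller's role; the confirmation step trusts that anyone reaching it has already been checked, so replaying just that request with a low-privileged session succeeds. The following added example (not from the lab or this write-up) models that two-step flow in plain Python, with the unchecked confirmation handler beside a fixed one that re-validates the session on every state-changing step. The session tokens, user names, role table and function names are constructed for the illustration.

```python
"""Added example (not from the PortSwigger lab or write-up): a minimal model
of a two-step "promote user to admin" flow, first as the lab describes it
(the confirmation step has no access check) and then with the check applied
on every step. Session tokens, user names and function names are constructed."""

# Constructed in-memory state: session token -> username, username -> role.
SESSIONS = {"sess-admin": "administrator", "sess-wiener": "wiener"}
ROLES = {"administrator": "admin", "wiener": "user", "carlos": "user"}


def _require_admin(session_token):
    """Resolve the session and raise if the caller is not an admin."""
    user = SESSIONS.get(session_token)
    if user is None or ROLES.get(user) != "admin":
        raise PermissionError("403: admin role required")
    return user


def select_user(session_token, username):
    """Step 1: choose the user to promote. Access control is enforced here."""
    _require_admin(session_token)
    return {"username": username, "action": "upgrade"}


def confirm_vulnerable(roles, session_token, username):
    """Step 2 as in the lab: the server assumes only admins reach this step
    and applies the change without re-checking the session's role."""
    roles[username] = "admin"
    return roles[username]


def confirm_hardened(roles, session_token, username):
    """Step 2 fixed: every state-changing step re-validates the caller's role
    with the same check step 1 uses, so skipping step 1 gains nothing."""
    _require_admin(session_token)
    roles[username] = "admin"
    return roles[username]


def demo():
    """Replay the lab's request pattern (wiener's session, step 2 only)
    against both handlers and return the resulting role of 'wiener'."""
    results = {}

    # Vulnerable flow: a plain user's session submits the confirmation directly.
    roles = dict(ROLES)
    results["vulnerable"] = confirm_vulnerable(roles, "sess-wiener", "wiener")

    # Hardened flow: the same replay is rejected and the role is unchanged.
    roles = dict(ROLES)
    try:
        confirm_hardened(roles, "sess-wiener", "wiener")
    except PermissionError:
        pass
    results["hardened"] = roles["wiener"]

    # A genuine admin session still completes the hardened flow normally.
    results["admin_ok"] = confirm_hardened(roles, "sess-admin", "carlos")
    return results


if __name__ == "__main__":
    print(demo())
```

The fix is not to hide or obfuscate the confirmation endpoint but to apply the same server-side role check to each step independently; the client cannot be trusted to have passed through step 1, because the HTTP requests are independent and can be replayed in any order.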
