Inconsistent security controls

https://portswigger.net/web-security/logic-flaws/examples/lab-logic-flaws-inconsistent-security-controls

We can go to the Target > Site Map tab in Burp Suite in order to see the domain.

Let's left-click on the domain listed there and then choose Engagement tools > Discover content.

That would tell us that there is a directory called /admin. Alternatively, we can also use directory fuzzing tools. Let's visit the /admin page through the browser.

As we can see, the admin page is only accessible to "DontWannaCry" users.

Let's register our user using our assigned email address.

Next, we can go to the Email client and click our registration email.

Then, we can log in to our created account through the My account tab.

Once inside, we get the option to change our email. Let's set it to the following:

attacker@dontwannacry.com

Once we update our email, the admin panel becomes accessible to us: the domain check that gated registration is not re-applied when an existing account changes its address, so the unverified new email is trusted.
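To make the flaw concrete, here is an added model of the lab's account logic (this is example code written for this writeup, not PortSwigger's application). It shows the vulnerable pattern, where an email change is stored without re-verification, beside a hardened service that parks the new address until the mailbox confirms a token. The class and function names, the token scheme, and the constructed `wiener@exploit-server.example` address are assumptions for illustration; only the `dontwannacry.com` domain comes from the lab.

```python
"""Model of the inconsistent-security-control flaw: an email-domain privilege
check enforced at registration but not when an existing account changes its
email. Example code for this writeup; names are assumptions, not the lab's."""

import secrets
from dataclasses import dataclass, field
from typing import Dict, List, Optional

PRIVILEGED_DOMAIN = "dontwannacry.com"  # taken from the lab description


@dataclass
class Account:
    username: str
    email: str
    email_verified: bool = False
    pending_email: Optional[str] = None
    pending_token: Optional[str] = None
    # Tokens the app "sent" to the mailbox; a real app would email them.
    outbox: List[str] = field(default_factory=list)


def email_domain(email: str) -> str:
    """Return the lower-cased domain part of an address, or '' if malformed."""
    _, sep, domain = email.rpartition("@")
    return domain.lower() if sep else ""


class VulnerableAccountService:
    """Registration requires a verified email, but change_email trusts the new
    address immediately. The admin check only looks at the stored email."""

    def __init__(self) -> None:
        self.accounts: Dict[str, Account] = {}

    def register(self, username: str, email: str) -> Account:
        acct = Account(username=username, email=email)
        acct.pending_token = secrets.token_urlsafe(16)
        acct.outbox.append(acct.pending_token)  # "sent" to the mailbox
        self.accounts[username] = acct
        return acct

    def confirm_registration(self, username: str, token: str) -> bool:
        acct = self.accounts[username]
        if token != acct.pending_token:
            return False
        acct.email_verified = True
        acct.pending_token = None
        return True

    def change_email(self, username: str, new_email: str) -> None:
        # Flaw: the new address is stored as-is and email_verified stays True.
        self.accounts[username].email = new_email

    def is_admin(self, username: str) -> bool:
        acct = self.accounts[username]
        return acct.email_verified and email_domain(acct.email) == PRIVILEGED_DOMAIN


class HardenedAccountService(VulnerableAccountService):
    """Same service, but an email change re-enters the verification flow, so
    the admin check is always evaluated against a verified address."""

    def change_email(self, username: str, new_email: str) -> None:
        acct = self.accounts[username]
        # Park the new address until the mailbox proves it can receive mail.
        acct.pending_email = new_email
        acct.pending_token = secrets.token_urlsafe(16)
        acct.outbox.append(acct.pending_token)

    def confirm_email_change(self, username: str, token: str) -> bool:
        acct = self.accounts[username]
        if acct.pending_email is None or token != acct.pending_token:
            return False
        acct.email = acct.pending_email
        acct.pending_email = None
        acct.pending_token = None
        acct.email_verified = True
        return True


def replay_lab(service: VulnerableAccountService) -> bool:
    """Walk the lab's steps against a service and report whether the account
    ends up with admin access. Uses a constructed attacker-controlled address."""
    acct = service.register("wiener", "wiener@exploit-server.example")
    service.confirm_registration("wiener", acct.outbox[-1])
    # The account owner has no mailbox at the privileged domain, so they can
    # submit the change but never read a token sent to the new address.
    service.change_email("wiener", "attacker@" + PRIVILEGED_DOMAIN)
    return service.is_admin("wiener")


if __name__ == "__main__":
    print("vulnerable grants admin:", replay_lab(VulnerableAccountService()))  # True
    print("hardened grants admin:  ", replay_lab(HardenedAccountService()))    # False
```

The fix is not a stricter domain check but a consistent one: any state that a privilege decision depends on (here, the email domain) must pass through the same verification every time it changes, not only on the first write.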

Let's go inside the admin panel.

We have to delete the carlos user.

We have solved the lab.
