Bypassing Basic Authentication

Try to use what you learned in this section to access the 'reset.php' page and delete all files. Once all files are deleted, you should get the flag.

Step 1 - Access the application:

Step 2 - Intercept the traffic with Burp Suite:

  • Click on the Reset button

  • Change the request method and forward it

  • The request changes to the POST method, but the attempt does not succeed:

Step 3 - Test other methods:

  • Change it to a HEAD request and hit Forward

Step 4 - Get the flag:

  • Refresh the page and you should be able to see the flag!
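
Why a HEAD request can get through when GET and POST are refused, shown as an added example that is not part of the original walkthrough or the lab's code. It assumes the server's Basic-auth rule is scoped to a list of methods. The WSGI middleware, `reset_app`, the credentials and the helper names are all constructed for illustration.

```python
import base64
import hmac

USERS = {"admin": "s3cret-demo"}  # constructed demo credentials

def reset_app(environ, start_response):
    """Stand-in for a sensitive endpoint such as the page's reset.php."""
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"files deleted"]

def basic_header(user, password):
    """Build an Authorization header value for the demo."""
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()

def credentials_ok(header):
    """Validate an 'Authorization: Basic ...' header value."""
    if not header.startswith("Basic "):
        return False
    try:
        user, _, password = base64.b64decode(header[6:]).decode().partition(":")
    except (ValueError, UnicodeDecodeError):
        return False
    expected = USERS.get(user)
    return expected is not None and hmac.compare_digest(password.encode(), expected.encode())

def basic_auth(app, protected_methods=None):
    """Basic-auth middleware; protected_methods=None enforces auth on every method."""
    def middleware(environ, start_response):
        method = environ.get("REQUEST_METHOD", "")
        in_scope = protected_methods is None or method in protected_methods
        if in_scope and not credentials_ok(environ.get("HTTP_AUTHORIZATION", "")):
            start_response("401 Unauthorized", [("WWW-Authenticate", 'Basic realm="admin"')])
            return [b""]
        return app(environ, start_response)
    return middleware

def status_for(app, method, authorization=None):
    """Drive a WSGI app with a minimal constructed environ; return the status line."""
    environ = {"REQUEST_METHOD": method, "PATH_INFO": "/reset.php"}
    if authorization:
        environ["HTTP_AUTHORIZATION"] = authorization
    seen = []
    app(environ, lambda status, headers: seen.append(status))
    return seen[0]

weak = basic_auth(reset_app, protected_methods={"GET", "POST"})  # assumed method-scoped rule
hardened = basic_auth(reset_app)  # auth applies regardless of method
```

With the method-scoped rule, an unauthenticated HEAD request reaches the handler, while the hardened wrapper answers 401 for every method until valid credentials are supplied.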
