OWASP Mutillidae II: Keep Calm and Pwn On
Version: 2.7.11 Security Level: 0 (Hosed) Hints: Enabled (1 - Try easier) Not Logged In
Home | Login/Register | Toggle Hints| Show Popup Hints | Toggle Security | Enforce SSL | Reset DB | View Log | View Captured Data
 
Want to Help?
 
 
 
 
Privilege Escalation
Expand Hints Hints and Videos
Privilege Escalation
 
Cookies
 
Some sites keep authentication and/or authorization tokens in the user-agent (i.e. browser, phone, tablet). This gives the user (and XSS) large amounts of control over these tokens.

For privilege escalation via cookies, alter the cookie values and monitor the effect. Also, regsiter for two (or more) accounts, log into both, and note any differences between the respective cookies.
 
SQL Injection
 
Login pages can be vulnerable to SQL injection such that a password or possibly a username is required to authenticate.
 
Brute Force
 
Hydra and Burp Suite can be used to guess usernames and passwords quickly. Both tools can attempt to log into sites and report the result.
 
Secret Adminnistrative Pages
 
Built in pages can sometimes be accessed without a login or using privilege escalation. These pages can grant administrative authority to create other admin accounts.