.png)
8 months ago
96 BOOK THIS SPACE FOR AD
ARTICLE ADTo solve the lab, exploit a hidden API endpoint to buy a Lightweight l33t Leather Jacket. You can log in to your own account using the following credentials: wiener:peter | Karthikeyan Nagaraj
To solve the lab, exploit a hidden API endpoint to buy a Lightweight l33t Leather Jacket. You can log in to your own account using the following credentials: wiener:peter.
Required knowledge
To solve this lab, you’ll need to know:
How to use error messages to construct a valid request.How HTTP methods are used by RESTful APIs.How changing the HTTP method can reveal additional functionality.These points are covered in our API Testing Academy topic.
Log in to your account with wiener:peterClick on Homepage, turn on the proxy, and click View Details of Lightweight l33t Leather Jacket.Send the GET /api/product/1/price to the repeater.Now, change the GET method to PATCH.Add the header Content-Type: application/json ,add the JSON body as {“price”:0} and send the request.Now refresh the “Lightweight l33t Leather Jacket” page, you’ll notice that the price has been changed to 0$Add the product to the cart and place an order.The Lab will be solved on successful completion of the “Lightweight l33t Leather Jacket”A YouTube Channel for Cybersecurity Lab’s Poc and Write-ups
Telegram Channel for Free Ethical Hacking Dumps
Thank you for Reading!
Happy Ethical Hacking ~
Author: Karthikeyan Nagaraj ~ Cyberw1ng
Bengali (Bangladesh) · 
English (United States) ·