Bola Lab1

Posted on September 7, 2023 by in

Broken Object Level Authorization Lab 1

Firtly up and running crAPI application

cd crAPI/deploy/docker
sudo docker-compose up

open Mailhog localhost:8025
create an account on the application localhost:8888 then add new vehicle

Capture location request with burp suite and anayze it

If i can obtain another vehicle id maybe i can view anaother car information, to achive that analyze post community post requests

we can use expose data to view another car info…this is bola…