July 12, 2026
Lab: Authentication bypass via information disclosure (Information Disclosure) #lab 4
Solution:

By PRiTi.EX
1 min read
Solution:
- Access the lab login using given credentials, I explore all functionality & see each request response in Burp but nothing found.'
- So, i use TRACE method to see how it works, i found one intresting header X-Custom-IP-Authorization:
- Send any request to repeater remove all parameter and send TRACE with /.
- Next, copy the header change the method to GET use header that we found with localhost IP 127.0.0.1
X-Custom-Ip-Authorization: 127.0.0.1X-Custom-Ip-Authorization: 127.0.0.1
I found /admin panel
- Next use GET /admin where you got /admin/delete?username=carlos
- Send this GET /admin/delete?username=carlos request to delete user carlos & solve the lab.