Capture a Login request and send it to the burp repeater
In the repeater window change the request method from GET or POST to DELETE
If the response returns with 200 OK then you successfully bypassed the login mechanism
https://book.hacktricks.xyz/pentesting-web/login-bypassarrow-up-right
https://exploit-notes.hdks.org/exploit/web/method/web-login-bypass/arrow-up-right
Last updated 1 year ago
