Sajan Ghimire

@SajanGhimire

> Exploring web vulnerabilities - Breaking things (ethically)🙂

NepalJoined September 2024

About

> Exploring web vulnerabilities - Breaking things (ethically)🙂

Available for

>Detailed technical reviews, >Penetration Testing, >Security Consulting

Sajan Ghimire's blogs

Untitled Publicationsajanghimire.hashnode.dev2 posts

Articles Comments

Recently published

SGSajan Ghimiresajanghimire.hashnode.devMar 21, 2025 · 4 min read

2FA broken logic

This lab's two-factor authentication is vulnerable due to its flawed logic. To solve the lab, access Carlos's account page. Your credentials: wiener:peter Victim's username: carlos Analysis: Step 1: Observing the Authentication Process The first...

0

SGSajan Ghimiresajanghimire.hashnode.devMar 20, 2025 · 3 min read

Exploiting Business Logic: Bypassing Client-Side Controls to Manipulate Pricing

Step 1: Log in to the Application Open the lab in your browser. Log in using the provided credentials: Username: wiener Password: peter Navigate to the product page and locate the "Lightweight l33t leather jacket". Step 2: Add the Jacket to...

0

Sajan Ghimire

About

Available for

Sajan Ghimire's blogs

Recently published

2FA broken logic

Exploiting Business Logic: Bypassing Client-Side Controls to Manipulate Pricing

Search Hashnode

Sajan Ghimire

About

Available for

Sajan Ghimire's blogs

Recently published

2FA broken logic

Exploiting Business Logic: Bypassing Client-Side Controls to Manipulate Pricing