Insecure Direct Object References (IDOR)

https://portswigger.net/web-security/access-control/lab-insecure-direct-object-references

Level: Apprentice

What's an IDOR?

  • Insecure direct object references (IDOR) are a subcategory of access control vulnerabilities.

  • IDOR arises when an application uses user-supplied input to access objects directly and an attacker can modify the input to obtain unauthorized access.

  • Here we have a live chat, and we can click the transcript function to download our conversation.

  • Intercepting the request, you'll see a 302 status code; just follow the redirection.

  • We see that we are downloading a file called 6.txt.

  • Let's try to access other conversations by changing our 6.txt to 1.txt.

  • When we change the number, we 'accidentally' get another user's transcript.

  • 1.txt is Carlos's conversation, which reveals his password; copy it and log in.
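The root cause in this lab is that the filename in the URL is the only thing selecting the object; nothing ties the transcript to the logged-in user. Below is an added example (not code from the PortSwigger lab or from this write-up) that models the download endpoint twice: the insecure handler that behaves like the lab, and a hardened handler that checks ownership and fails the same way for unknown and foreign ids. It also replays a few constructed log lines through the hardened handler to flag sessions that get denied repeatedly. The user names, transcript ids, contents and log format are all constructed for the example.

```python
import re
from collections import defaultdict
from typing import Optional

# Constructed sample store: transcript id -> (owner username, content).
# The lab serves files such as 6.txt; these ids, owners and contents are
# made up for the example.
TRANSCRIPTS = {
    1: ("carlos", "constructed: carlos's chat, contains his password"),
    6: ("wiener", "constructed: wiener's chat"),
}

FILENAME_RE = re.compile(r"^(\d+)\.txt$")


class Forbidden(Exception):
    """Raised when the caller does not own the requested transcript."""


def parse_transcript_id(filename: str) -> Optional[int]:
    """Accept only '<digits>.txt'; anything else is rejected before lookup."""
    m = FILENAME_RE.match(filename)
    return int(m.group(1)) if m else None


def download_transcript_insecure(session_user: str, filename: str) -> Optional[str]:
    """The IDOR pattern from the lab: the filename alone selects the object
    and nobody checks that session_user owns it."""
    tid = parse_transcript_id(filename)
    if tid is None or tid not in TRANSCRIPTS:
        return None
    _owner, content = TRANSCRIPTS[tid]
    return content


def download_transcript_secure(session_user: str, filename: str) -> str:
    """Hardened version: same URL shape, but the transcript's owner must equal
    the authenticated user. Unknown ids and other users' ids are rejected the
    same way, so the response does not reveal which ids exist."""
    tid = parse_transcript_id(filename)
    owner, content = TRANSCRIPTS.get(tid, (None, None))
    if owner is None or owner != session_user:
        raise Forbidden(f"{session_user} may not read {filename}")
    return content


def is_denied(session_user: str, filename: str) -> bool:
    """Convenience wrapper: True when the hardened handler refuses the request."""
    try:
        download_transcript_secure(session_user, filename)
    except Forbidden:
        return True
    return False


# Detection side: replay constructed access-log lines (format made up for the
# example: "<user> GET /download-transcript/<file>") through the hardened
# handler and count denials per user.
LOG_LINE_RE = re.compile(r"^(?P<user>\w+) GET /download-transcript/(?P<file>\S+)$")

SAMPLE_LOG = """\
wiener GET /download-transcript/6.txt
wiener GET /download-transcript/1.txt
wiener GET /download-transcript/2.txt
carlos GET /download-transcript/1.txt
"""


def denied_requests_per_user(log_text: str) -> dict:
    denials = defaultdict(int)
    for line in log_text.splitlines():
        m = LOG_LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not transcript downloads
        if is_denied(m["user"], m["file"]):
            denials[m["user"]] += 1
    return dict(denials)


def flag_suspicious_users(log_text: str, threshold: int = 2) -> list:
    """Users denied at least `threshold` times are worth a look: a legitimate
    client never asks for transcripts it cannot own."""
    counts = denied_requests_per_user(log_text)
    return sorted(u for u, n in counts.items() if n >= threshold)


if __name__ == "__main__":
    print(download_transcript_insecure("wiener", "1.txt"))  # leaks carlos's chat
    print(is_denied("wiener", "1.txt"))                     # True with the fix
    print(flag_suspicious_users(SAMPLE_LOG))                # ['wiener']
```

The fix is the ownership comparison, not input validation: `parse_transcript_id` only narrows the shape of the name, and on its own it would still let one user read another's file. Returning the same failure for unknown and foreign ids also keeps the endpoint from acting as an oracle for which transcripts exist.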
