Access Control
Lab:~# Insecure direct object references
Hello 😃, welcome back to another lab write-up. This lab focuses on learning about IDOR (Insecure Direct Object Reference). The lab stores user chat logs directly on the server’s file system and retrieves them using static URLs. Let’s explore vulnerabilities and exploit them.
End Goals:~#
- Solve the lab by finding the password for the user carlos, and logging into their account.
What are IDORs:~#
Insecure direct object references (IDORs) are a subcategory of access control vulnerabilities. IDORs occur if an application uses user-supplied input to access objects directly and an attacker can modify the input to obtain unauthorized access.
Testing For Vulnerabilities:~#
- Let’s log in to our account and check the live chat feature to send messages.
- View the transcript and download our message. Notice the URL: the transcripts are plain text files served from static URLs, each assigned a filename that is just a number.
- The hacker 💻 inside us says we should test for IDOR. Let’s change the number to 1; the request succeeds (200 OK), and now we can see Carlos’s messages and password.
- Login using the credentials to solve the lab.
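To make the root cause concrete, here is an added example (not part of the lab or of this write-up) showing a minimal transcript-download handler in both forms: the vulnerable one, which looks the file up by the number from the URL and never asks who owns it, and the hardened one, which only returns the transcript when the server-side session user is its owner. The store, user names and transcript contents are constructed for the example; the function and class names are my own.

```python
"""Added example (not the lab's code): the IDOR pattern from the write-up
beside the access check that removes it. All data below is constructed."""

from dataclasses import dataclass

# Constructed sample store: transcript number -> (owner, contents).
# Sequential numbering is what makes the id trivial to guess.
TRANSCRIPTS = {
    1: ("carlos", "CONSTRUCTED: carlos's chat, including a password"),
    2: ("wiener", "CONSTRUCTED: wiener's chat"),
}

# Constructed audit trail of denied requests; a real app would log these,
# because a user cycling through other people's ids is a clear signal.
DENIED_ACCESS_LOG = []


@dataclass
class Response:
    status: int
    body: str


def download_transcript_insecure(session_user: str, transcript_id: int) -> Response:
    """Vulnerable form: the id from the URL is the only thing consulted.
    Any logged-in user can read any transcript by changing the number."""
    entry = TRANSCRIPTS.get(transcript_id)
    if entry is None:
        return Response(404, "not found")
    _owner, contents = entry
    return Response(200, contents)


def download_transcript_secure(session_user: str, transcript_id: int) -> Response:
    """Hardened form: the object is still fetched by id, but it is released
    only if the session user owns it. 'Missing' and 'not yours' both return
    404 so the response does not confirm which ids exist."""
    entry = TRANSCRIPTS.get(transcript_id)
    if entry is None or entry[0] != session_user:
        DENIED_ACCESS_LOG.append((session_user, transcript_id))
        return Response(404, "not found")
    return Response(200, entry[1])


if __name__ == "__main__":
    # The lab's step, reproduced against both handlers: wiener asks for id 1.
    print("insecure:", download_transcript_insecure("wiener", 1))
    print("secure:  ", download_transcript_secure("wiener", 1))
    print("denied log:", DENIED_ACCESS_LOG)
```

The fix is not to hide the number (a random filename only slows guessing); it is the ownership check tied to the server-side session, applied on every object lookup.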
That’s all, friends. Thank you for reading up to this point. I would like to hear your feedback on anything not clear here. Here is my Twitter account @T3chnocr4t. Feel free to DM me if you have any issues with my write-up. Thanks!