Introducción

Cubrimos Insecure Direct Object Reference Vulnerability and how to exploit it.

What is an IDOR?

IDOR stands for Insecure Direct Object Reference and is a type of access control vulnerability.

This type of vulnerability can occur when a web server receives user-supplied input to retrieve objects (files, data, documents), too much trust has been placed on the input data, and it is not validated on the server-side to confirm the requested object belongs to the user requesting it.

Obtenga notas del certificado OSCP

Challenge Questions and Answers

What does IDOR stand for?
What is the Flag from the IDOR example website?
What is a common type of encoding used by websites?
What is a common algorithm used for hashing IDs?
What is the minimum number of accounts you need to create to check for IDORs between accounts?
hat is the username for user id 1?

What is the email address for user id 3?

Video Walk-Through

Acerca del Autor

Instructor de Ciberseguridad y Nadador

Ver Artículos