Nous avons couvert Insecure Direct Object Reference Vulnerability and how to exploit it.

What is an IDOR?

IDOR stands for Insecure Direct Object Reference and is a type of access control vulnerability.

This type of vulnerability can occur when a web server receives user-supplied input to retrieve objects (files, data, documents), too much trust has been placed on the input data, and it is not validated on the server-side to confirm the requested object belongs to the user requesting it.

Obtenir les notes du certificat OSCP

Questions et réponses du défi

What does IDOR stand for?
What is the Flag from the IDOR example website?
What is a common type of encoding used by websites?
What is a common algorithm used for hashing IDs?
What is the minimum number of accounts you need to create to check for IDORs between accounts?
hat is the username for user id 1?

What is the email address for user id 3?

Vidéo pas à pas

A propos de l'Auteur

Je crée des notes de cybersécurité, des notes de marketing numérique et des cours en ligne. Je fournis également des conseils en marketing numérique, y compris, mais sans s'y limiter, le référencement, les publicités Google et Meta et l'administration CRM.

Voir les Articles