Introduction
This post covers the Insecure Direct Object Reference (IDOR) vulnerability and how to exploit it. You're going to learn what an IDOR vulnerability is, what it looks like and how to find one, followed by a practical task exploiting a real-case scenario.
What is an IDOR?
IDOR stands for insecure direct object reference. Web developers design an application to directly retrieve information from a database based on an argument provided by the user in either a query string or a POST request. The reference is insecure when the application does not verify that the requesting user is allowed to access the object it points to. For example, this query string might be used to retrieve a document from a document management system:
https://www.mycompany.com/getDocument.php?documentID=1842
The attacker can modify the above link to attempt to retrieve other documents, such as in these examples:
https://www.mycompany.com/getDocument.php?documentID=1841
https://www.mycompany.com/getDocument.php?documentID=1843
https://www.mycompany.com/getDocument.php?documentID=1844
Doing so allows the attacker to retrieve pages with content that belongs to other users, and may give them the ability to modify or view hidden pages.
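The missing check behind the URLs above, as an added example that is not from the original post: a handler that looks a document up by the supplied documentID alone, next to one that scopes the lookup to the logged-in user. The table layout, user ids and function names are assumptions, and the rows are constructed sample data.

```python
import sqlite3

def make_db():
    # Constructed sample data: user 5 (alice) and user 7 (bob) each own documents.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE documents (id INTEGER PRIMARY KEY, owner_id INTEGER, body TEXT)")
    db.executemany(
        "INSERT INTO documents VALUES (?, ?, ?)",
        [(1841, 7, "bob: payroll"), (1842, 5, "alice: notes"), (1843, 7, "bob: contract")],
    )
    return db

def get_document_vulnerable(db, session_user_id, document_id):
    """IDOR: the row is selected by the client-supplied id alone."""
    row = db.execute("SELECT body FROM documents WHERE id = ?", (document_id,)).fetchone()
    return (200, row[0]) if row else (404, None)

def get_document_checked(db, session_user_id, document_id):
    """Fixed: the lookup is scoped to the authenticated user's own rows."""
    if session_user_id is None:
        return (401, None)
    try:
        doc_id = int(document_id)
    except (TypeError, ValueError):
        return (400, None)
    row = db.execute(
        "SELECT body FROM documents WHERE id = ? AND owner_id = ?",
        (doc_id, session_user_id),
    ).fetchone()
    # Same 404 for "missing" and "not yours", so the response does not
    # reveal which document ids exist.
    return (200, row[0]) if row else (404, None)

def demo():
    db = make_db()
    alice = 5  # id taken from the server-side session, never from the request
    return {
        "vulnerable_own": get_document_vulnerable(db, alice, 1842),
        "vulnerable_other": get_document_vulnerable(db, alice, 1843),
        "checked_own": get_document_checked(db, alice, 1842),
        "checked_other": get_document_checked(db, alice, 1843),
        "checked_missing": get_document_checked(db, alice, 9999),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The only difference between the two handlers is the `owner_id` condition bound to the session user; that ownership check is what an IDOR-prone endpoint lacks.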
Room Answers | TryHackMe IDOR
What is the email address for user id 3?