Introduction

This post covers the Insecure Direct Object Reference (IDOR) vulnerability and how to exploit it. You will learn what an IDOR vulnerability is, what it looks like and how to find one, and then work through a practical task exploiting a real-case scenario.

What is an IDOR?

IDOR stands for insecure direct object reference. It arises when web developers design an application to retrieve information directly from a database based on an argument provided by the user in either a query string or a POST request. For example, this query string might be used to retrieve a document from a document management system:

https://www.mycompany.com/getDocument.php?documentID=1842

The attacker can modify the above link to attempt to retrieve other documents, such as in these examples:

https://www.mycompany.com/getDocument.php?documentID=1841

https://www.mycompany.com/getDocument.php?documentID=1843

https://www.mycompany.com/getDocument.php?documentID=1844

Doing so allows the attacker to reach content that belongs to other users, for example by viewing or modifying hidden pages.
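The missing server-side check behind the documentID example, as an added example that is not part of the original post: a lookup keyed only on the client-supplied ID next to one that also binds the row to the logged-in user, plus a two-account regression check. The table layout, function names, user IDs and document bodies are constructed assumptions.

```python
import sqlite3


def make_db():
    """Constructed sample data: user 3 (alice) and user 7 (bob) own documents."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE documents (id INTEGER PRIMARY KEY, owner_id INTEGER, body TEXT)"
    )
    db.executemany(
        "INSERT INTO documents VALUES (?, ?, ?)",
        [(1841, 7, "bob: payroll"), (1842, 3, "alice: notes"), (1843, 7, "bob: contract")],
    )
    return db


def get_document_vulnerable(db, session_user_id, document_id):
    """IDOR: the row is selected by the client-supplied ID alone.
    session_user_id is known to the server but never consulted."""
    row = db.execute(
        "SELECT body FROM documents WHERE id = ?", (document_id,)
    ).fetchone()
    return row[0] if row else None


def get_document_fixed(db, session_user_id, document_id):
    """Fix: the owner taken from the server-side session is part of the lookup,
    so a foreign ID behaves exactly like a nonexistent one."""
    row = db.execute(
        "SELECT body FROM documents WHERE id = ? AND owner_id = ?",
        (document_id, session_user_id),
    ).fetchone()
    return row[0] if row else None


def cross_account_leaks(handler, db, user_id, foreign_ids):
    """Regression check: IDs owned by another account that the handler still serves."""
    return [i for i in foreign_ids if handler(db, user_id, i) is not None]


if __name__ == "__main__":
    db = make_db()
    alice, bobs_docs = 3, [1841, 1843]
    print("vulnerable:", cross_account_leaks(get_document_vulnerable, db, alice, bobs_docs))
    print("fixed:     ", cross_account_leaks(get_document_fixed, db, alice, bobs_docs))
```

The same two-account check can be kept as an automated test for every endpoint that accepts an object ID.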


Room Answers | TryHackMe IDOR

What does IDOR stand for?
What is the Flag from the IDOR example website?
What is a common type of encoding used by websites?
What is a common algorithm used for hashing IDs?
What is the minimum number of accounts you need to create to check for IDORs between accounts?
What is the username for user id 1?
What is the email address for user id 3?


About the Author

Mastermind Study Notes is a group of talented authors and writers who are experienced and well-versed across different fields. The group is led by Motasem Hamdan, who is a cybersecurity content creator and YouTuber.
