Day 32: Security IDOR explained

IDOR


In the security world, IDOR is kind of a big deal.

What?

Insecure Direct Object Reference.

As the name says, we are referencing an object directly.

The application will give access to an object without any authorization required (and this is the insecure part).

Why?

This happens when insufficient care is given to the different routes a user can take.

Usually it is as simple as a parameter in a URL.

As an example, say you got a 25% discount code, accessible only through this URL:

https://superbuystuffsite.com/discount?promo=25

Now, say you were to change the promo value to 100.

And get a 100% discount! The item is free.

You’ve just discovered an IDOR.

How?

Normally, IDORs can be prevented, or at least made harder, by using secure hashes (unguessable values) instead of plaintext identifiers.

These hashes should also be valid only for a limited amount of time.
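The discount example above and the fix just described, as an added example that is not code from the original post. It shows the vulnerable lookup (the `promo` parameter is used directly as the key) beside a hardened version where the URL carries only an unguessable, short-lived token, and the server still checks that the token was issued to the requesting user, which is what actually closes the hole; the hash alone only makes guessing harder. The `DISCOUNTS` table, the user names and the TTL are constructed sample data.

```python
import secrets
import time
from typing import Optional

# Constructed sample data: which discount belongs to which user.
DISCOUNTS = {
    "25": {"percent": 25, "owner": "alice"},
    "100": {"percent": 100, "owner": "store-admin"},
}


def vulnerable_discount(promo: str) -> Optional[int]:
    """Mirrors /discount?promo=25: the parameter is the lookup key itself,
    so changing it to 100 yields the 100% discount. This is the IDOR."""
    entry = DISCOUNTS.get(promo)
    return entry["percent"] if entry else None


TOKEN_TTL_SECONDS = 600          # constructed: tokens live ten minutes
_tokens: dict = {}               # token -> {"promo", "user", "expires"}


def issue_token(user: str, promo: str, now: Optional[float] = None) -> str:
    """Hand out an unguessable, short-lived token bound to the user and the
    discount. Only this token, never the raw promo value, appears in the URL."""
    if promo not in DISCOUNTS or DISCOUNTS[promo]["owner"] != user:
        raise PermissionError("user is not entitled to this discount")
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)   # 256 bits of randomness, not guessable
    _tokens[token] = {"promo": promo, "user": user, "expires": now + TOKEN_TTL_SECONDS}
    return token


def hardened_discount(user: str, token: str, now: Optional[float] = None) -> Optional[int]:
    """Mirrors /discount?token=...: resolve the token server-side, refuse it if
    it is unknown, expired, or was issued to a different user."""
    now = time.time() if now is None else now
    rec = _tokens.get(token)
    if rec is None or now >= rec["expires"] or rec["user"] != user:
        return None
    return DISCOUNTS[rec["promo"]]["percent"]


if __name__ == "__main__":
    # Tampering with the plaintext parameter works against the vulnerable route.
    print(vulnerable_discount("25"), vulnerable_discount("100"))
    # Against the hardened route only the owner, within the TTL, gets the discount.
    t = issue_token("alice", "25", now=0)
    print(hardened_discount("alice", t, now=10))      # owner, still valid
    print(hardened_discount("mallory", t, now=10))    # another user reusing the token
    print(hardened_discount("alice", t, now=601))     # expired
    print(hardened_discount("alice", "100", now=10))  # guessing the old parameter
```

The server-side table is the simplest way to make the token opaque; a signed (HMAC) token bound to the user and expiry would avoid the table but must still be checked against the user making the request, otherwise the same IDOR reappears one layer up.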

Yep, that’s all.

Credits

idor portswigger

thehackerish.com

Featured black hat

\Codarren/

Written on February 1, 2021