How I got a High IDOR + PII in a few minutes. Bounty: €500


An IDOR (Insecure Direct Object Reference) is a security vulnerability in web applications that arises when the application allows direct access to internal objects, such as files or database records, without carrying out a proper authorization check on each request. A malicious user can then manipulate the references to these objects (typically an id in a URL or request body) in order to access data that they should not have access to.

The hunt for this IDOR began after I received a private invitation on Intigriti to a program with multiple domains that required authentication. I selected one; let's call the domain redacted.com.

After noticing that the application had authentication, I had the idea to test for IDOR.

After creating my account I followed these steps:

1. Logged in to the application and used the Burp history to analyse the login requests. After going through some requests, one caught my attention, like this: GET /connectif/tags/ajaxconnectiftags?_=id HTTP/2

2. Looking at the response, I noticed that it included PII (Personally Identifiable Information), that is, data that could potentially identify a specific individual.

3. Given this interesting scenario involving the user's private information, I thought: if I put in another id, could I read data from another user? Let's try!

4. I created another account representing the victim, logged in to the application, captured the same request and sent it to Repeater, changing the attacker's ID to the ID of the account representing the victim, and with a little luck …

The IDOR worked, exposing the victim's PII such as email, address, city, name, telephone and number.

An interesting detail about this bug: the ID was dynamic, in that every time a user logged into the application a new id was generated, but half of the id was a static (default) value. That meant the request was also vulnerable to brute force, so any user who was logged into the application at the time could be affected by the IDOR, not only one whose id the attacker already knew.
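To make the flaw and its fix concrete, here is an added example that is not the author's code and not the affected application's code. It models the endpoint from the writeup as two small Python handlers: a vulnerable one that looks the record up by the client-supplied id and only checks that the caller is logged in, and a hardened one that performs object-level authorization by binding the id to the session's own user (so it stays safe even when, as in the story above, half of the id is static and the rest can be brute-forced). It also includes a small detector over constructed access-log lines that flags sessions requesting many distinct ids on the endpoint, the signal a defender would look for. The user records, session tokens and log lines are all constructed for the example.

```python
"""Added example (not the writeup author's code): an IDOR-prone lookup beside
its hardened form, plus an enumeration detector over constructed log lines.
Only the endpoint path comes from the writeup; everything else is constructed."""
from collections import defaultdict

# Constructed user records keyed by the id the client supplies in `?_=<id>`.
USERS = {
    "1001": {"name": "Alice Example", "email": "alice@example.test", "city": "Lisbon"},
    "1002": {"name": "Bob Example", "email": "bob@example.test", "city": "Porto"},
}

# Constructed session store: session token -> user id it was issued to.
SESSIONS = {"sess-attacker": "1001", "sess-victim": "1002"}


class Forbidden(Exception):
    """Raised when the caller is not authenticated or does not own the object."""


def vulnerable_ajax_tags(session: str, requested_id: str) -> dict:
    """Mirrors the flaw: the session is checked only for *being logged in*,
    then the record is fetched by whatever id the client sent."""
    if session not in SESSIONS:
        raise Forbidden("not authenticated")
    return USERS[requested_id]  # any logged-in user can read any record


def hardened_ajax_tags(session: str, requested_id: str) -> dict:
    """Object-level authorization: the requested id must be the session's own
    user id. This does not rely on ids being secret or unpredictable."""
    owner = SESSIONS.get(session)
    if owner is None:
        raise Forbidden("not authenticated")
    if requested_id != owner:
        raise Forbidden("object does not belong to caller")
    return USERS[owner]


def hardened_denies(session: str, requested_id: str) -> bool:
    """True when the hardened handler refuses the request."""
    try:
        hardened_ajax_tags(session, requested_id)
    except Forbidden:
        return True
    return False


# Constructed access-log lines: "<session> <method> <path>".
ACCESS_LOG = [
    "sess-attacker GET /connectif/tags/ajaxconnectiftags?_=1001",
    "sess-attacker GET /connectif/tags/ajaxconnectiftags?_=1002",
    "sess-attacker GET /connectif/tags/ajaxconnectiftags?_=1003",
    "sess-attacker GET /connectif/tags/ajaxconnectiftags?_=1004",
    "sess-victim GET /connectif/tags/ajaxconnectiftags?_=1002",
]


def enumerating_sessions(log_lines, threshold: int = 3) -> list:
    """Return sessions that requested more than `threshold` distinct ids on the
    endpoint. A legitimate session only ever asks for its own id, so a spread
    of ids from one session is the enumeration pattern the writeup describes."""
    ids_by_session = defaultdict(set)
    for line in log_lines:
        session, _method, path = line.split(" ", 2)
        if "/connectif/tags/ajaxconnectiftags" not in path:
            continue
        requested = path.partition("?_=")[2]
        if requested:
            ids_by_session[session].add(requested)
    return sorted(s for s, ids in ids_by_session.items() if len(ids) > threshold)


if __name__ == "__main__":
    # The attacker's session asks for the victim's id.
    print("vulnerable:", vulnerable_ajax_tags("sess-attacker", "1002"))
    print("hardened denies:", hardened_denies("sess-attacker", "1002"))
    print("enumerating sessions:", enumerating_sessions(ACCESS_LOG))
```

The key design point is that the hardened handler never trusts the client-supplied id to decide whose data to return; it derives ownership from the server-side session and rejects any mismatch. Making ids random would only raise the cost of guessing, whereas the ownership check closes the hole regardless of how guessable the id is.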

The impact of an Insecure Direct Object Reference (IDOR) that allows the reading of other users' personal data can be significant and detrimental to the security of a system.

Exposure of PII / Privacy Violation: Unauthorized disclosure of PII can result in serious privacy violations. When personal information falls into the wrong hands, individuals can become victims of identity theft, harassment or other forms of exploitation.

Identity Theft Risk: Exposing PII significantly increases the risk of identity theft. This can lead to fraudulent activities such as opening bank accounts, applying for credit cards, or even more serious crimes using the victim’s identity.

Damage to Reputation: Companies that fail to adequately protect their customers’ PII can suffer significant reputational damage. Customer trust can be lost, resulting in a decrease in profits and market share.

Bounty: €500

Severity: High

Tip: Always check login requests, you might be surprised!

Reported — 16/02/2024

Triaged — 16/02/2024

Bounty — 26/02/2024
