How to find IDOR (for beginners)

3 years ago 352

OFDB

Hello super ethical hackers and bug bounty hunters. I hope you are well in this pandemic

(I only did bug bounty for 7 months. >:( Now I hate bug bounty)

The reason is the same as on this blog ==> https://nirajkhatiwada.com.np/blog/2020/11/04/Why_do_I_Hate_Bug_Bounty.html

And today I will tell you about IDOR, which is the vulnerability I have encountered most often in bug bounty.

If you are starting from 0 and don’t know how to set up, I recommend you watch this video ==> https://www.youtube.com/watch?v=G3hpAeoZ4ek

NOW

Insecure direct object references (IDOR) are a type of access control vulnerability that arises when an application uses user-supplied input to access objects directly. The term IDOR was popularized by its appearance in the OWASP 2007 Top Ten. However, it is just one example of many access control implementation mistakes that can lead to access controls being circumvented. IDOR vulnerabilities are most commonly associated with horizontal privilege escalation, but they can also arise in relation to vertical privilege escalation.

Source: https://portswigger.net/web-security/access-control/idor

=======================================

2-) Requirements:

a. Burp Suite (THIS IS THE MOST IMPORTANT. That’s the only thing that matters :D )

b. Mozilla Firefox (I chose it because it is the most stable and most preferred browser)

AND IT’S DONE

=======================================

3-) How to find Them?

You have joined a bug bounty program. The most basic steps are as follows:

1-) Create 2 accounts (one in a private tab, the other in a normal tab), like this:

2-) Set up your proxy and get ready

3-) Perform basic operations:
Change password, like a post, edit profile …

4-) Capture the requests and find the ID assigned to you. Usually it looks like *id=123 (if you don’t know, the * star means any prefix can appear: userid, uid, cfui, etc.). AND CHANGE it (to the ID of your other account).

=====================================

5-) THE MOST IMPORTANT PART IS HERE, because we will verify the vulnerability based on the returned response.

If the response is 2xx or 3xx, yes, THIS IS AN IDOR (but double check, because triagers are getting angry :D )


If the returned response is 4xx or 5xx, there is no IDOR :(
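Steps 4 and 5 above, as an added Python example that is not part of the original post: a vulnerable profile lookup beside its fixed form, and a checker that applies the post's status-code rule plus the "double check" that the returned body really belongs to the other account (a 200 that just returns your own record is a common false positive). The handlers, account IDs and profile data are constructed for the example.

```python
# Constructed sample data: the two test accounts from step 1.
PROFILES = {
    123: {"id": 123, "email": "alice@example.test"},
    124: {"id": 124, "email": "bob@example.test"},
}

def vulnerable_get_profile(session_uid: int, requested_id: int):
    """Vulnerable: the object is looked up by the user-supplied id only."""
    profile = PROFILES.get(requested_id)
    return (200, profile) if profile else (404, None)

def fixed_get_profile(session_uid: int, requested_id: int):
    """Fixed: the same lookup, plus an ownership check against the session."""
    profile = PROFILES.get(requested_id)
    if profile is None:
        return (404, None)
    if profile["id"] != session_uid:
        return (403, None)  # not your object
    return (200, profile)

def ignores_id_get_profile(session_uid: int, requested_id: int):
    """Constructed false-positive case: the id parameter is ignored and the
    session's own record comes back, so the status is 200 but nothing leaked."""
    return (200, PROFILES[session_uid])

def idor_check(handler, my_uid: int, other_uid: int) -> str:
    """Steps 4-5 of the post: account A (my_uid) asks for account B's id
    (other_uid) and the response is classified. The post's rule is
    2xx/3xx = IDOR, 4xx/5xx = no IDOR; the extra check is that the body
    must actually contain the other account's data."""
    status, body = handler(my_uid, other_uid)
    if status >= 400:
        return "no idor"
    if body is not None and body.get("id") == other_uid:
        return "idor"
    return "2xx but own data - not an idor, double check"

if __name__ == "__main__":
    for name, handler in [("vulnerable", vulnerable_get_profile),
                          ("fixed", fixed_get_profile),
                          ("ignores id", ignores_id_get_profile)]:
        print(f"{name:>10}: {idor_check(handler, 123, 124)}")
```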


(If you do not know your HTTP status codes, I recommend this video ==> https://www.youtube.com/watch?v=hgwBOjJ1kYI)

*****************************************************************

My native language is not English, so I apologize for the mistakes I made. This is my first blog post, so many things may be wrong.

I will share Burp plugins that automate IDOR finding in my other blogs. Stay tuned.

I wish everyone a good day. HAPPY HACKING
