15 Dec 2022
Web Applications
I’m dreaming of secure web apps
Can’t talk webapps without talking databases. Two popular database models:
A web app typically needs to query the database constantly to search for information, add records, and edit records.
OWASP - Open Web Application Security Project. Established to improve software security. Its Top 10 list aims to raise awareness of the common security issues plaguing web apps and helps software devs avoid common mistakes and build more securely. Pentesters and bug bounty hunters also use the list to serve their own purposes.
IDOR - Insecure Direct Object Reference vulnerability. A situation where a user can manipulate input to bypass authorization because of poor access control. It was #4 on the OWASP Top 10 in 2013 before being folded into Broken Access Control in 2017.
Example 1: A user with ID 132 is directed to http://server.tld/account/user_id=132. They figure out they can change the ID number and gain unauthorized access to another user’s account.
Example 2: Requesting an invoice generates a link to http://server.tld/invoices?download=115. Changing the download number allows viewing other users’ invoices, perhaps including sensitive billing/shipping details.
Example 3: A user might start with a password-change URL like http://server.tld/account/changepassword=user, then change the username to someone else’s to change that account’s password and take it over.
The impact of IDOR vulns can be high, since the server trusts an identifier the client controls instead of checking who the logged-in user actually is.
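The three examples above all share one root cause: the handler looks up an object by a number taken from the URL and never checks that the session user owns it. The following Python is an added illustration, not code from the original post; it models the invoice download from Example 2 as a "before" handler beside a hardened one, fixes the password change from Example 3 by deriving the account from the session, and goes one step further than the post with a per-session indirect reference map. The invoice store, user ids, password table and session representation are constructed for the demo and stand in for whatever framework a real app would use.

```python
from dataclasses import dataclass
import secrets


@dataclass(frozen=True)
class Invoice:
    invoice_id: int
    owner_id: int
    body: str


# Constructed sample data (assumption for the demo): two users, three invoices
# with the sequential ids that make IDOR guessing easy.
INVOICES = {
    114: Invoice(114, 132, "invoice 114: ships to user 132's address"),
    115: Invoice(115, 777, "invoice 115: ships to user 777's address"),
    116: Invoice(116, 132, "invoice 116: ships to user 132's address"),
}
PASSWORDS = {132: "old-pass-132", 777: "old-pass-777"}


class Forbidden(Exception):
    """Caller is not logged in."""


class NotFound(Exception):
    """Object does not exist, or must look that way to this caller."""


def download_invoice_vulnerable(session_user_id, invoice_id):
    """'Before' handler for http://server.tld/invoices?download=115: it checks
    that someone is logged in but never checks who owns the invoice, so any
    logged-in user who edits the number reads another user's invoice."""
    if session_user_id is None:
        raise Forbidden("login required")
    inv = INVOICES.get(invoice_id)
    if inv is None:
        raise NotFound(invoice_id)
    return inv.body


def download_invoice_hardened(session_user_id, invoice_id):
    """Hardened handler: the authorization decision uses the identity from the
    server-side session, never a value the client sent. 'Not yours' and
    'does not exist' both answer NotFound so the response does not confirm
    which other ids are valid."""
    if session_user_id is None:
        raise Forbidden("login required")
    inv = INVOICES.get(invoice_id)
    if inv is None or inv.owner_id != session_user_id:
        raise NotFound(invoice_id)
    return inv.body


def change_password_hardened(session_user_id, new_password):
    """Fix for Example 3: there is no username parameter at all. The account
    being changed is always the one bound to the session."""
    if session_user_id is None:
        raise Forbidden("login required")
    PASSWORDS[session_user_id] = new_password
    return session_user_id


class IndirectReferenceMap:
    """Extra layer beyond the post: per-session random handles stand in for
    real ids in URLs, so the client never sees or submits a guessable number.
    The ownership check above still runs on the resolved id (defence in depth)."""

    def __init__(self):
        self._handles = {}

    def handle_for(self, real_id):
        handle = secrets.token_urlsafe(16)
        self._handles[handle] = real_id
        return handle

    def resolve(self, handle):
        if handle not in self._handles:
            raise NotFound(handle)
        return self._handles[handle]


def download_invoice_by_handle(session_user_id, refmap, handle):
    return download_invoice_hardened(session_user_id, refmap.resolve(handle))


def outcome(fn, *args):
    """Collapse a handler call to a label, for quick checks and demos."""
    try:
        return "ok:" + str(fn(*args))
    except Forbidden:
        return "forbidden"
    except NotFound:
        return "notfound"


if __name__ == "__main__":
    # User 132 asks for invoice 115 (owned by 777), as in Example 2.
    print("vulnerable:", outcome(download_invoice_vulnerable, 132, 115))
    print("hardened:  ", outcome(download_invoice_hardened, 132, 115))
```

The point to take from the hardened handler is that the check compares the object's owner with the session identity on every request; a login check alone is not authorization. Answering "not found" for both missing and foreign ids is a deliberate choice so that an attacker iterating numbers learns nothing about which invoices exist.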
Check the web app for IDOR vulns and find the info and a flag.
Info gotten, flag captured. Time to catch up…