OWASP Security Shepherd – Insecure Direct Object Reference Solution – LSB

Welcome back to the Security Shepherd solutions from LSB. This was quite an interesting puzzle and it took a few tries to get the key.

Insecure Direct Object Reference (IDOR from here on) occurs when an application exposes a reference to an internal implementation object and then uses that reference without checking that the requester is authorised to access the object it points to. The exposed value reveals the real identifier, and the format or pattern of identifiers, used by the storage backend, so a user only has to substitute another value to reach records that were never offered to them. The most common example (although it is not limited to this one) is a record identifier in a storage system such as a database or a filesystem.

[Screenshot: idor1]

This is the screen we are presented with. When we choose a name in the list and click on Show This Profile, we see a little sentence about that person.

[Screenshot: idor2]

As the page says, the key for the challenge belongs to someone who is not in the list. We will need Burp to intercept traffic for this one (Burp ships by default on Kali Linux). So, with Intercept turned on in Burp, hit the Show This Profile button.


[Screenshot: idor3]

This is our request intercepted with Burp. If we look closely at the bottom of the request, in the body, we can see a user ID parameter with the value 7, the record the drop-down selected. We changed that number to 8, 9, -1 and 10, forwarding the request each time, with no success. But 11 worked: the server looked up whatever ID we sent without checking that it was one of the profiles we were offered.
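To make the two halves of the write-up concrete (the definition of IDOR above and the Burp loop over user IDs just described), here is an added example that is not part of the Security Shepherd lesson or its code. It models the "Show This Profile" handler in memory: first as written with the flaw, then with a server-side allow-list check, then with an indirect reference map so the form never carries a real record ID at all. The profile texts, the set of listed IDs and the `enumerate_ids` loop are constructed for illustration; the real lesson's parameter name and key are not reproduced.

```python
import secrets

# Constructed profile store for the example. Only some ids are offered in the
# drop-down; the record that holds the challenge key is not in that list.
PROFILES = {
    4: "Profile of a listed user",
    5: "Profile of another listed user",
    6: "Profile of a third listed user",
    7: "Profile of the user the page selects by default",
    11: "Profile of someone not in the list (holds the key in the lesson)",
}
LISTED_IDS = {4, 5, 6, 7}  # what the 'Show This Profile' drop-down offers


def show_profile_vulnerable(user_id):
    """IDOR: whatever id the client sends is used directly as the lookup key."""
    return PROFILES.get(user_id)


def show_profile_fixed(user_id):
    """Server-side authorisation: the id must be one this user may view.
    Unlisted ids are treated as not found, so the response does not even
    confirm that record 11 exists."""
    if user_id not in LISTED_IDS:
        return None
    return PROFILES.get(user_id)


def make_reference_map(allowed_ids):
    """Indirect references: the form carries opaque per-session tokens and the
    server keeps the token -> record id mapping itself. There is nothing for
    an attacker to increment or guess."""
    return {secrets.token_urlsafe(8): uid for uid in allowed_ids}


def show_profile_indirect(ref_map, token):
    """Resolve a token from the form back to a record; unknown tokens fail."""
    user_id = ref_map.get(token)
    return None if user_id is None else PROFILES.get(user_id)


def enumerate_ids(handler, candidates):
    """What the Burp loop in the write-up does by hand: try each id in turn
    and keep the ones for which the server returns a profile."""
    found = {}
    for uid in candidates:
        text = handler(uid)
        if text is not None:
            found[uid] = text
    return found


if __name__ == "__main__":
    tried = [8, 9, -1, 10, 11]  # the values the write-up tried after 7
    print("vulnerable:", enumerate_ids(show_profile_vulnerable, tried))
    print("fixed:     ", enumerate_ids(show_profile_fixed, tried))
    ref_map = make_reference_map(LISTED_IDS)
    print("indirect tokens offered to the form:", list(ref_map))
```

Against the vulnerable handler the loop comes back with exactly one hit, record 11, which is what happened in Burp; against the fixed handler it comes back empty, and with indirect references the request never carries an ID that could be changed. The allow-list check is the minimal fix; the reference map is the pattern OWASP recommends when the real identifiers should not be exposed at all.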


[Screenshot: idor4]

That concludes this lesson. Thank you for reading; comment below, share, and don't forget to follow to get more lessons in the near future.

QuBits 2018-09-10
