Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Explanation of a simple IDOR
Exploiting Insecure Direct Object Reference (IDOR) is a simple yet effective technique that could be very effective especially in combination with other techniques ex some header manioulation. So IDOR as an example we make a request that is we will get the profile of the persons account which the id is 1234. After that we can then send another request which could be for example if there is no authentication on the server side we would receive the account belonging to id 1235.

Messages In This Thread
Explanation of a simple IDOR - by xoredserpent - 04-10-2022, 04:31 PM

Forum Jump:

Users browsing this thread: 1 Guest(s)