IDOR

[https://www.youtube.com/watch?v=858rVeWB8Pw&ab_channel=JohnHammond]

What is an IDOR vulnerability?

IDOR stands for Insecure Direct Object Reference and is a type of access control vulnerability. An access control vulnerability is when an attacker can gain access to information or actions not intended for them. An IDOR vulnerability can occur when a web server receives user-supplied input to retrieve objects (files, data, documents), places too much trust in that input, and does not validate whether the user should, in fact, have access to the requested object.

Exploiting by changing the id in the ?activite= parameter
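
The missing check described above, as an added example that is not part of the original notes: a lookup keyed on the `activite` query parameter, first without and then with an ownership check. The data store, function names and session model are assumptions made for illustration.

```python
# Constructed sample data: activity id -> record with an owner (all values hypothetical).
ACTIVITIES = {
    101: {"owner": "alice", "title": "Alice's run"},
    102: {"owner": "bob", "title": "Bob's invoice review"},
}


class Forbidden(Exception):
    """Raised when the session user may not read the requested object."""


def parse_id(raw):
    """Accept only a plain ASCII decimal id; reject anything else early."""
    if not isinstance(raw, str) or not (raw.isascii() and raw.isdigit()):
        raise ValueError("activite must be a decimal id")
    return int(raw)


def get_activity_vulnerable(session_user, params):
    """IDOR: the id from the query string is trusted; session_user is never consulted."""
    return ACTIVITIES.get(parse_id(params.get("activite")))


def get_activity_checked(session_user, params, audit_log):
    """Same lookup, but the record is released only to its owner."""
    activity_id = parse_id(params.get("activite"))
    record = ACTIVITIES.get(activity_id)
    # Same error for "missing" and "not yours", so the response does not
    # reveal which ids exist. Every denial is logged for detection.
    if record is None or record["owner"] != session_user:
        audit_log.append((session_user, activity_id, "denied"))
        raise Forbidden("activity not found")
    return record


if __name__ == "__main__":
    log = []
    # Alice asks for id 102: the unchecked handler returns Bob's record.
    print(get_activity_vulnerable("alice", {"activite": "102"}))
    try:
        get_activity_checked("alice", {"activite": "102"}, log)
    except Forbidden:
        print("denied:", log)
```

The audit log entries are what a detection rule would watch: one session producing many denials across sequential ids is the typical signature of someone probing for this flaw.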