AttackFlow Findings Dictionary

Insecure Direct Object Reference

The attacker can access usernames and passwords in cleartext

Severity: Critical

Fix Cost: Medium

Trust Level: High

Insecure Direct Object Reference (IDOR) is one of the easiest attack vectors for hackers to exploit. All they have to do is test each parameter value to see whether changing it lets them access or change other users' application data.

For example, imagine a view that lists the historical purchases of the authenticated user. When the user clicks the details of one of the listed purchases, the ID of the purchase, let's assume 3657435, is sent from the browser to the backend application, and the gory details of the selected purchase are shown in a separate interface.

Here the authenticated user might have bad intentions and, when sending the purchase ID 3657435, might change it to the predictable ID of another user's purchase. Say the changed ID is 3657436. If the backend code doesn't check whether the received purchase ID really belongs to the current user before sending the details, the attacker is now able to see the details of other users' purchases.

http://www.buymebuy.com/purchased?ID=3657435
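The missing ownership check described above, shown next to its fix. This is an added example, not code from AttackFlow or from the application in the scenario; the in-memory store, the user names and every function name are assumptions made for illustration.

```python
# Added example: constructed in-memory data, hypothetical names throughout.
from dataclasses import dataclass


@dataclass(frozen=True)
class Purchase:
    purchase_id: int
    owner: str
    item: str


# Constructed sample data: two consecutive IDs owned by different users.
PURCHASES = {
    3657435: Purchase(3657435, "alice", "headphones"),
    3657436: Purchase(3657436, "bob", "laptop"),
}


class NotFound(Exception):
    """Raised for missing records and for records owned by someone else."""


def purchase_details_vulnerable(session_user: str, purchase_id: int) -> Purchase:
    # Vulnerable: the lookup trusts the client-supplied ID and never
    # compares the record's owner with the authenticated user.
    try:
        return PURCHASES[purchase_id]
    except KeyError:
        raise NotFound(purchase_id) from None


def purchase_details_fixed(session_user: str, purchase_id: int) -> Purchase:
    # Fixed: the user identity comes from the server-side session, and the
    # record is returned only when it belongs to that user.
    purchase = PURCHASES.get(purchase_id)
    if purchase is None or purchase.owner != session_user:
        # Same error for "missing" and "not yours", so the response
        # does not confirm which IDs exist.
        raise NotFound(purchase_id)
    return purchase


def can_read(handler, session_user: str, purchase_id: int) -> bool:
    # Helper for checking either handler's access decision.
    try:
        handler(session_user, purchase_id)
        return True
    except NotFound:
        return False
```

In a database-backed application the same rule is usually enforced in the query itself, by filtering on both the purchase ID and the session user's ID.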
