IDOR (Insecure Direct Object Reference) is a vulnerability where a user is able to access information that they are not allowed to access. This room will teach you the basics of this vulnerability and how to detect it.
The room is straightforward, so I'll just provide the answers. It's also part of Jr Penetration Tester.
What does IDOR stand for?
Insecure Direct Object Reference
What is the Flag from the IDOR example website?
Insecure Direct Object Reference
What is the Flag from the IDOR example website?
base64
What is the Flag from the IDOR example website?
md5
What is the minimum number of accounts you need to create to check for IDORs between accounts?
2
And now we go to the practical part, which is also straightforward.
What is the username for user id 1?
adam84
What is the email address for user id 3?
j@fakemail.thm
And this is all for this room. I hope you found what you were looking for.