TryHackMe Christmas Challenge 2021 (Advent of Cyber 3), Day 1: IDOR vulnerability (insecure access control)
2022-07-01 09:51:00 【Full stack programmer webmaster】
Hello everyone, good to see you again. I'm your friend Quan Jun.
Day 1
Something is wrong with the cargo system; let's find a way to fix it!
What is an IDOR vulnerability?
Insecure Direct Object Reference (IDOR) is an access-control vulnerability, similar to other authorization-bypass flaws: a user reaches information they are not supposed to have access to. For example, I should only be able to view my own information, but by modifying a parameter I can read other people's data.
Where it usually appears
Query parameters of GET requests
Values in POST forms
Here the user id is hidden in the form; if it can be modified, this may lead to an arbitrary-user password change vulnerability.
Cookies
Cookies usually carry encrypted (or at least signed) strings, but some junior programmers may transmit the information in simple plaintext.
Take the following example: by modifying user_id you can obtain other users' information.
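To make the defect concrete, here is an added example (not code from the original post or from the TryHackMe room) modelling a profile-lookup endpoint in two forms: the vulnerable version trusts the user_id query parameter outright, while the hardened version checks that the requested record belongs to the logged-in session user before returning it. The user table, names and query strings are constructed for the example.

```python
from dataclasses import dataclass
from urllib.parse import parse_qs


@dataclass(frozen=True)
class User:
    user_id: int
    name: str
    email: str


# Constructed sample data standing in for the application's user table.
USERS = {
    1: User(1, "alice", "alice@example.test"),
    2: User(2, "bob", "bob@example.test"),
    9: User(9, "grinch", "grinch@example.test"),
}


class Forbidden(Exception):
    """Raised when the session user is not allowed to read the requested object."""


class BadRequest(Exception):
    """Raised when user_id is missing or not an integer."""


def _requested_id(query: str, session_user_id: int) -> int:
    """Pull user_id out of the query string, defaulting to the session user's own id."""
    params = parse_qs(query)
    raw = params.get("user_id", [str(session_user_id)])[0]
    try:
        return int(raw)
    except ValueError:
        raise BadRequest(f"user_id must be an integer, got {raw!r}")


def lookup_vulnerable(session_user_id: int, query: str) -> User:
    """IDOR: whoever is logged in, any user_id in the URL is served.
    The session user is only used as a default, never as an authorization check."""
    target = _requested_id(query, session_user_id)
    return USERS[target]


def lookup_hardened(session_user_id: int, query: str) -> User:
    """Ownership check: the object referenced in the request must belong to the caller.
    The decision is made server-side from the session, not from anything the client sent."""
    target = _requested_id(query, session_user_id)
    if target != session_user_id:
        raise Forbidden(f"user {session_user_id} may not read user {target}")
    return USERS[target]


if __name__ == "__main__":
    # alice (id 1) asks for id 9: the vulnerable handler answers, the hardened one refuses.
    print(lookup_vulnerable(1, "user_id=9"))
    try:
        lookup_hardened(1, "user_id=9")
    except Forbidden as exc:
        print("blocked:", exc)
```

The fix is not to hide or encode user_id better; it is to derive the authorization decision from the server-side session and compare it with the object being requested. If some users legitimately need to read other records (an admin role), that role check belongs in the same place, never in a client-controlled parameter.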
Challenge
Start
The system has been tampered with; there is a problem (although I didn't see it, hhhh).
After a look there are four function pages; the fourth one matches the vulnerability we want to learn about this time.
You can see that there is a parameter in the URL.
Try modifying this value: changing it to 9 finds the person who tampered with the system.
Click the Revert button and the system recovers.
Challenge questions
1. Find Santa's location: change user_id until you find santa.
2. Same idea as question 1.
3. Ditto.
4. Just click Revert on the entry whose user_id is 9 to recover the flag.
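The walkthrough above works by stepping user_id through values that do not belong to the logged-in account, and that pattern is exactly what a defender can look for in the web server's access log. The following added example (not part of the original post) parses a few constructed combined-format log lines, compares the user_id each request asks for with the id the authenticated user owns, and reports both successful cross-user reads and accounts that touched several foreign ids. The log lines, usernames and the OWNER_ID mapping are constructed for the example; a real deployment would take the mapping from its user store.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qs

# Constructed access-log lines (combined log style, authenticated user in the third field).
SAMPLE_LOG = """\
10.0.0.5 - alice [01/Dec/2021:10:00:01 +0000] "GET /profile?user_id=1 HTTP/1.1" 200 512
10.0.0.5 - alice [01/Dec/2021:10:00:09 +0000] "GET /profile?user_id=2 HTTP/1.1" 200 498
10.0.0.5 - alice [01/Dec/2021:10:00:12 +0000] "GET /profile?user_id=3 HTTP/1.1" 200 503
10.0.0.5 - alice [01/Dec/2021:10:00:15 +0000] "GET /profile?user_id=9 HTTP/1.1" 200 511
10.0.0.7 - bob [01/Dec/2021:10:01:30 +0000] "GET /profile?user_id=2 HTTP/1.1" 200 498
10.0.0.7 - bob [01/Dec/2021:10:02:02 +0000] "GET /profile?user_id=9 HTTP/1.1" 403 87
"""

# Constructed mapping from login name to the single user_id that account owns.
OWNER_ID = {"alice": 1, "bob": 2}

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+)$'
)


def parse_line(line: str):
    """Parse one access-log line into a dict, splitting the query string into params.
    Returns None for lines that do not match the expected format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    path, _, query = rec["path"].partition("?")
    rec["path"] = path
    rec["params"] = {k: v[0] for k, v in parse_qs(query).items()}
    return rec


def find_idor_activity(log_text: str, threshold: int = 2):
    """Return a list of findings:
      ("cross_user_read", user, target_id)  - a request for someone else's id that got HTTP 200
      ("enumeration", user, n)              - a user who requested >= threshold distinct foreign ids
    Requests for the caller's own id, and lines without user_id, are ignored."""
    foreign_ids = defaultdict(set)
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or "user_id" not in rec["params"]:
            continue
        try:
            target = int(rec["params"]["user_id"])
        except ValueError:
            continue  # non-numeric id: not an IDOR probe of this kind
        own = OWNER_ID.get(rec["user"])
        if own is None or target == own:
            continue  # unknown account or a read of the user's own record
        foreign_ids[rec["user"]].add(target)
        if rec["status"] == 200:
            # A 200 here means the server handed out another user's record.
            findings.append(("cross_user_read", rec["user"], target))
    for user, ids in foreign_ids.items():
        if len(ids) >= threshold:
            findings.append(("enumeration", user, len(ids)))
    return findings


if __name__ == "__main__":
    for finding in find_idor_activity(SAMPLE_LOG):
        print(finding)
```

Note that bob's request for id 9 produced a 403 and therefore counts only toward the enumeration tally, not as a data exposure: a server that enforces ownership still leaves the probing visible in the log, which is what you want.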
Publisher: Full stack programmer stack master. Please indicate the source when reprinting: https://javaforall.cn/131772.html. Link to the original text: https://javaforall.cn