High Severity | A01
🔓 Insecure Direct Object Reference (IDOR)
🧠 Description
IDOR occurs when an application exposes a direct reference to an internal object (a database key, file path, or user ID) and uses that reference to fetch the object without checking that the requester is authorized to access it. Because the reference is predictable or guessable, an attacker can read or modify other users' data simply by changing it.
IDOR Patterns:
- Numeric IDs: /api/users/1234
- GUIDs: /api/orders/a1b2c3d4
- File paths: /download?file=../../etc/passwd
- API keys: X-API-Key header manipulation
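The core defect in every pattern above is the same: the object is looked up by the client-supplied reference and the result is returned without an ownership check. The following is an added example, not code from the original cheat sheet, that shows a vulnerable profile lookup beside two hardened forms (an explicit ownership check, and deriving the object from the session with no client-supplied ID at all), plus a per-session indirect reference map for cases where object references must be sent to the client. The `PROFILES` store, the session IDs and the helper names are constructed for the example.

```python
import secrets
from dataclasses import dataclass


@dataclass
class Profile:
    user_id: int
    email: str


# Constructed sample data: user 1234 is the authenticated caller, 1235 is someone else.
PROFILES = {
    1234: Profile(1234, "alice@example.com"),
    1235: Profile(1235, "bob@example.com"),
}


class Forbidden(Exception):
    """Raised when the caller is not allowed to access the requested object."""


def get_profile_vulnerable(session_user_id: int, requested_id: int) -> Profile:
    # IDOR: whatever ID appears in the URL is looked up and returned.
    # The authenticated user is never compared to the object's owner.
    return PROFILES[requested_id]


def can_read(session_user_id: int, requested_id: int) -> bool:
    # Authorization predicate: the object must exist AND belong to the caller.
    profile = PROFILES.get(requested_id)
    return profile is not None and profile.user_id == session_user_id


def get_profile_hardened(session_user_id: int, requested_id: int) -> Profile:
    # Same error for "not yours" and "does not exist", so the response
    # does not confirm to an enumerating client which IDs are valid.
    if not can_read(session_user_id, requested_id):
        raise Forbidden(f"user {session_user_id} may not read profile {requested_id}")
    return PROFILES[requested_id]


def get_own_profile(session_user_id: int) -> Profile:
    # Strongest form: the object is derived from the server-side session.
    # There is no client-controlled reference to tamper with.
    return PROFILES[session_user_id]


def make_reference_map(object_ids: list[int]) -> dict[str, int]:
    # Indirect reference map: hand the client opaque, random, per-session
    # tokens instead of database keys. The server resolves them back, so a
    # client cannot construct a token for an object it was never shown.
    return {secrets.token_urlsafe(16): oid for oid in object_ids}


def resolve_reference(ref_map: dict[str, int], token: str) -> int:
    if token not in ref_map:
        raise Forbidden("unknown object reference")
    return ref_map[token]


if __name__ == "__main__":
    # Session user 1234 asks for profile 1235: vulnerable path leaks it,
    # hardened path refuses.
    print(get_profile_vulnerable(1234, 1235).email)
    try:
        get_profile_hardened(1234, 1235)
    except Forbidden as exc:
        print("denied:", exc)
```

The ownership check belongs in the data-access layer (or a central policy function such as `can_read`), not scattered across handlers; the indirect reference map is a fallback for list/detail flows where some reference has to leave the server, and it does not replace the ownership check on resolution.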
💣 Exploitation
# Change user ID in URL
GET /api/profile/1234
# Change to:
GET /api/profile/1235
# Modify POST body
{"user_id": 1234, "amount": 100}
# Change to:
{"user_id": 1235, "amount": 100}
# Change cookies
Cookie: user_id=1234
# Change to:
Cookie: user_id=1235
# UUID enumeration
/api/invoice/550e8400-e29b-41d4-a716-446655440000
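From the defender's side, the ID-swapping and enumeration above leave a recognisable trace: one session touching many distinct object IDs of the same resource type, often in sequence, and receiving 200s for objects that are not its own. The following is an added detection example, not part of the original cheat sheet; the access-log format, the threshold and the log lines themselves are constructed assumptions for the example.

```python
import re
from collections import defaultdict

# Assumed log format: "<ip> session=<id> \"<METHOD> <path>\" <status>"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) session=(?P<session>\S+) "(?P<method>[A-Z]+) (?P<path>\S+)" (?P<status>\d{3})$'
)
# Paths that carry a numeric object reference, e.g. /api/profile/1234
ID_PATH_RE = re.compile(r"^/api/(?P<resource>[a-z]+)/(?P<id>\d+)$")

# Constructed sample: session s1 walks profile IDs 1234..1238; s2 is normal traffic.
SAMPLE_LOG = """\
10.0.0.5 session=s1 "GET /api/profile/1234" 200
10.0.0.5 session=s1 "GET /api/profile/1235" 200
10.0.0.5 session=s1 "GET /api/profile/1236" 200
10.0.0.5 session=s1 "GET /api/profile/1237" 403
10.0.0.5 session=s1 "GET /api/profile/1238" 200
10.0.0.9 session=s2 "GET /api/profile/2001" 200
10.0.0.9 session=s2 "GET /api/orders/77" 200
"""


def longest_consecutive_run(ids: list[int]) -> int:
    """Length of the longest run of consecutive integers in a sorted list."""
    best = run = 1 if ids else 0
    for prev, cur in zip(ids, ids[1:]):
        run = run + 1 if cur == prev + 1 else 1
        best = max(best, run)
    return best


def find_enumeration(log_text: str, min_distinct: int = 4) -> dict[tuple[str, str], dict]:
    """Return {(session, resource): {"ids": [...], "run": n, "ok": k}} for every
    session that accessed at least min_distinct distinct IDs of one resource.
    "run" is the longest consecutive-ID run (sequential enumeration signal),
    "ok" counts 2xx responses (how many of those objects were actually served)."""
    seen: dict[tuple[str, str], set[int]] = defaultdict(set)
    served: dict[tuple[str, str], int] = defaultdict(int)
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the assumed format
        p = ID_PATH_RE.match(m["path"])
        if not p:
            continue  # no object reference in this path
        key = (m["session"], p["resource"])
        seen[key].add(int(p["id"]))
        if m["status"].startswith("2"):
            served[key] += 1
    findings = {}
    for key, ids in seen.items():
        if len(ids) >= min_distinct:
            ordered = sorted(ids)
            findings[key] = {
                "ids": ordered,
                "run": longest_consecutive_run(ordered),
                "ok": served[key],
            }
    return findings


if __name__ == "__main__":
    for (session, resource), info in find_enumeration(SAMPLE_LOG).items():
        print(f"session {session} enumerated {resource}: {info}")
```

A high `ok` count is the more important number: 403s show the control working, whereas a run of 200s across IDs that are not the session's own means the authorization check is missing and the data has already been read. In a real deployment the session-to-owner mapping should be joined in so that only accesses to objects the session does not own are counted.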
🛡️ Bypass Techniques
# Parameter pollution
user_id=1234&user_id=1235
# Type switching
user_id=1234 -> user_id="1234"
user_id[]=1234&user_id[]=1235
# Null byte injection
user_id=1234%00
# Case and Unicode normalization
/admin vs /ADMIN
# HTTP method switching
GET /api/data -> POST /api/data
DELETE /api/data -> OPTIONS /api/data
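Each bypass above works only when the server parses the reference loosely (first or last duplicate wins, arrays coerced to scalars, null bytes truncated, paths compared before canonicalization) and then runs its authorization check on a different value from the one the data layer uses. The added example below, which is not code from the original cheat sheet, shows a strict identifier parser and a path canonicalizer that reject or normalize each variant before any authorization decision; the parameter name `user_id`, the regex and the helper names are assumptions for the example.

```python
import re
import unicodedata
from urllib.parse import parse_qsl, unquote


class BadRequest(Exception):
    """Raised for any reference that is not exactly one plain decimal ID."""


# Exactly one positive decimal integer, no sign, quotes, whitespace or control bytes.
ID_RE = re.compile(r"[1-9][0-9]{0,17}")


def parse_object_id(query_string: str, name: str = "user_id") -> int:
    """Parse a single object reference from a query string, rejecting
    parameter pollution, array forms, type switching and null bytes."""
    try:
        pairs = parse_qsl(query_string, keep_blank_values=True, strict_parsing=True)
    except ValueError as exc:
        raise BadRequest(f"malformed query string: {exc}") from exc
    # Array syntax (user_id[]=...) is a different key; reject it outright.
    if any(k == name + "[]" for k, _ in pairs):
        raise BadRequest("array form of identifier not accepted")
    values = [v for k, v in pairs if k == name]
    # Parameter pollution: two values means two candidate objects. Refuse
    # rather than silently picking first or last.
    if len(values) != 1:
        raise BadRequest(f"expected exactly one {name}, got {len(values)}")
    value = values[0]
    # parse_qsl has already percent-decoded, so 1234%00 is now "1234\x00" and
    # "1234" (quoted) still carries its quotes: neither is a plain integer.
    if not ID_RE.fullmatch(value):
        raise BadRequest("identifier must be a plain positive integer")
    return int(value)


def canonical_path(path: str) -> str:
    """Reduce a request path to the form the router and data layer see,
    so /ADMIN, /%41dmin and fullwidth look-alikes all authorize as /admin."""
    decoded = unquote(path)                         # %41 -> A, %2F -> /
    folded = unicodedata.normalize("NFKC", decoded) # fullwidth/compat forms
    lowered = folded.lower()                        # case-insensitive routing
    return re.sub(r"/+", "/", lowered)              # collapse // runs


if __name__ == "__main__":
    print(parse_object_id("user_id=1234"))
    for bad in ["user_id=1234&user_id=1235", 'user_id="1234"',
                "user_id[]=1234&user_id[]=1235", "user_id=1234%00"]:
        try:
            parse_object_id(bad)
        except BadRequest as exc:
            print(f"rejected {bad!r}: {exc}")
    print(canonical_path("/ADMIN"), canonical_path("/\uff21dmin//panel"))
```

For the method-switching case the fix is structural rather than a parser: register handlers per method on an allow-list and return 405 for anything else, and run the same authorization function for every method on a route, so that `DELETE` and `OPTIONS` cannot reach code that `GET` protects.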
🛠️ Tools
# Authz (authorization testing)
authz