Broken Access Control — Beyond The Basics

Thexssrat
7 min read · Jul 8, 2021

Introduction

In this article I will be going over Broken Access Control (BAC), which also includes IDOR. Some might see this as a separate issue type, but in reality IDORs are simply another form of BAC.

BAC is a beautiful issue type and I think it’s often overlooked in bug bounties, but you have to pick the right target of course! Your target needs at least:

  • To let you create accounts, or to provide you with accounts
  • Different privilege levels
  • Direct object references for IDORs (for example userID=123)

Let’s start with IDORs

Insecure Direct Object Reference (IDOR)

What is it

IDOR: Insecure Direct Object Reference

These types of vulnerabilities arise from access control issues. We will devote another entire chapter to those types of vulnerabilities. The term IDOR was made popular by appearing in the OWASP Top 10, but in reality it’s simply another type of Broken Access Control issue. IDORs can manifest as both horizontal and vertical privilege escalation. To speak of an IDOR, the following conditions have to be met:

  • An object identifier exists in the request, either as a GET or POST parameter
  • A Broken Access Control issue exists that allows the user access to data they should not be able to access
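The two conditions above, shown side by side in code. This is an added example and not code from the article: a minimal object lookup where the client-supplied id is the only thing deciding what comes back (the IDOR), next to a hardened version where the server decides from the authenticated session and the object's owner. The data store, the `Request` shape and the function names are assumptions made for the illustration; the admin role is included to show the legitimate vertical path that the check still has to model.

```python
"""
Object lookup with and without an ownership check.
Constructed example: the in-memory store, user directory and Request
shape are hypothetical stand-ins for a database and an HTTP framework.
"""
from dataclasses import dataclass

# Constructed data store: document id -> owner user id and contents
DOCUMENTS = {
    101: {"owner": 1, "body": "alice's invoice"},
    102: {"owner": 2, "body": "bob's invoice"},
}

# Constructed user directory; role is what a vertical check looks at
USERS = {
    1: {"role": "user"},
    2: {"role": "user"},
    9: {"role": "admin"},
}


@dataclass
class Request:
    """Stand-in for an HTTP request: who the session belongs to
    (set by the server at login) and the parameters the client sent."""
    session_user: int
    params: dict


def _parse_id(raw):
    """Return the id as an int, or None if the client sent garbage."""
    try:
        return int(raw)
    except (TypeError, ValueError):
        return None


def get_document_vulnerable(req: Request):
    """Condition 1: the object id is taken straight from the request.
    Condition 2: nothing relates that id to the caller, so any logged-in
    user can read any document by changing doc_id."""
    doc_id = _parse_id(req.params.get("doc_id"))
    if doc_id is None:
        return 400, None
    doc = DOCUMENTS.get(doc_id)
    if doc is None:
        return 404, None
    return 200, doc["body"]


def get_document_hardened(req: Request):
    """Same lookup, but the decision comes from the session, not the id:
    the owner (horizontal) or an admin (vertical) may read, anyone else
    gets 403. Sites that want to hide which ids exist can return 404
    for the 403 case as well; the important part is the check itself."""
    doc_id = _parse_id(req.params.get("doc_id"))
    if doc_id is None:
        return 400, None
    doc = DOCUMENTS.get(doc_id)
    if doc is None:
        return 404, None
    role = USERS.get(req.session_user, {}).get("role")
    is_owner = doc["owner"] == req.session_user
    if not (is_owner or role == "admin"):
        return 403, None
    return 200, doc["body"]


if __name__ == "__main__":
    # User 1 asks for user 2's document in both versions
    cross_user = Request(session_user=1, params={"doc_id": "102"})
    print("vulnerable:", get_document_vulnerable(cross_user))  # (200, "bob's invoice")
    print("hardened:  ", get_document_hardened(cross_user))    # (403, None)
```

When reviewing a finding, the question to ask of every endpoint that carries an id is exactly the one the hardened function answers: where in the handler does the server compare the object's owner (or the caller's role) against the session? If the only input to the lookup is the request parameter, the second condition is met regardless of how unguessable the id looks.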
