Hunting for IDOR and BAC Vulnerabilities in B2B Applications with Burp Suite’s Authorize Extension

Thexssrat
4 min read · Oct 31, 2024

In today’s fast-paced world of agile development and B2B (business-to-business) applications, security professionals and bug bounty hunters alike are constantly on the lookout for vulnerabilities. Two prominent types are Insecure Direct Object References (IDOR) and Broken Access Control (BAC). These vulnerabilities can be game-changers when uncovered, especially given the criticality of B2B systems, which often hold sensitive data or expose core business functions.

This article will guide you through using Burp Suite’s Authorize extension to identify these vulnerabilities, with practical examples and tips on effective testing techniques. With agile release cycles and frequent updates, even if the team has secured 99.4% of the endpoints, there is always a chance to find that obscure feature or hidden parameter that opens the door to privilege escalation or unauthorized access.

Overview of IDOR and BAC

What is IDOR?

Insecure Direct Object References (IDOR) occur when an application lets users reach objects, such as records or files, directly through a client-supplied reference (an id in a URL, a parameter or a request body) without checking that the caller is entitled to that specific object. If a user can reach objects they shouldn’t, the result is unauthorized data disclosure or privilege escalation.

What is BAC?

Broken Access Control (BAC) is the broader failure to enforce access control rules correctly on the server side. It lets users perform actions or view data they are not entitled to. BAC manifests as vertical privilege escalation (lower-privileged users reaching admin functions) and horizontal privilege escalation (one user reaching another user’s data); IDOR is the most common horizontal case.
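To make the two failure modes concrete, here is an added example (not code from the article or from any product it discusses) in plain Python: a minimal in-memory invoice service with a hypothetical `Invoice` store, showing the horizontal IDOR bug and the vertical BAC bug each beside its server-side fix. The data, roles and error class are constructed for the example.

```python
from dataclasses import dataclass
from typing import Callable


@dataclass(frozen=True)
class User:
    id: int
    role: str  # constructed roles: "user" or "admin"


@dataclass(frozen=True)
class Invoice:
    id: int
    owner_id: int
    total: float


class Forbidden(Exception):
    """Raised by the fixed handlers when the caller is not entitled to the action."""


# Constructed sample data: two tenants' invoices and one platform admin.
USERS = {1: User(1, "user"), 2: User(2, "user"), 9: User(9, "admin")}
INVOICES = {
    101: Invoice(101, owner_id=1, total=250.0),
    102: Invoice(102, owner_id=2, total=990.0),
}


# --- Horizontal (IDOR): the record is fetched by the client-supplied id alone ---
def get_invoice_vulnerable(current: User, invoice_id: int) -> Invoice:
    # No ownership check: any authenticated user can read any invoice id.
    return INVOICES[invoice_id]


def get_invoice_fixed(current: User, invoice_id: int) -> Invoice:
    inv = INVOICES.get(invoice_id)
    # Deny when the record is missing OR not owned by the caller (admins excepted).
    # Using one error for both cases avoids confirming which ids exist.
    if inv is None or (inv.owner_id != current.id and current.role != "admin"):
        raise Forbidden(f"user {current.id} may not read invoice {invoice_id}")
    return inv


# --- Vertical (BAC): an admin-only action that only the UI hides ---
def delete_invoice_vulnerable(current: User, invoice_id: int, store: dict) -> bool:
    # The role is never checked on the server; the "Delete" button being hidden
    # for normal users is the only control.
    return store.pop(invoice_id, None) is not None


def delete_invoice_fixed(current: User, invoice_id: int, store: dict) -> bool:
    if current.role != "admin":
        raise Forbidden(f"user {current.id} is not allowed to delete invoices")
    return store.pop(invoice_id, None) is not None


def is_allowed(handler: Callable, *args) -> bool:
    """Helper for tests and demos: True if the handler permits the call."""
    try:
        handler(*args)
        return True
    except Forbidden:
        return False


if __name__ == "__main__":
    alice, bob, admin = USERS[1], USERS[2], USERS[9]
    print("IDOR  vulnerable, alice reads bob's invoice:", is_allowed(get_invoice_vulnerable, alice, 102))
    print("IDOR  fixed,      alice reads bob's invoice:", is_allowed(get_invoice_fixed, alice, 102))
    print("BAC   vulnerable, bob deletes invoice 101: ", is_allowed(delete_invoice_vulnerable, bob, 101, dict(INVOICES)))
    print("BAC   fixed,      bob deletes invoice 101: ", is_allowed(delete_invoice_fixed, bob, 101, dict(INVOICES)))
```

The point of the fixed handlers is that the check lives next to the data access and keys on the authenticated principal, not on anything the client sends; that is exactly the property the testing described in the rest of the article tries to falsify, endpoint by endpoint.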

Setting Up Burp Suite’s Authorize Extension

The Authorize extension in Burp Suite helps detect BAC and IDOR vulnerabilities by replaying every request you make as a privileged user with the session credentials of a second, lower-privileged (or unauthenticated) user, then comparing the two responses to flag where access control was bypassed. Here’s how to set it up:

  1. Install the Authorize extension: Go to the Burp Suite Extensions tab, search for “Authorize,” and install it from the BApp Store.
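The extension’s core judgement, reduced to a pure function so it can be run offline over captured responses, as an added example that is neither the article’s nor the extension’s code: the privileged response and the low-privilege replay are compared on status code, enforcement markers in the body and body similarity. The labels, the marker list, the similarity threshold and the sample exchanges (a hypothetical B2B invoice API) are all assumptions of this example.

```python
from difflib import SequenceMatcher

# Strings that, when seen in the replayed response, indicate the server refused
# the request. Constructed defaults; real tooling lets the tester configure them.
DEFAULT_MARKERS = ("forbidden", "unauthorized", "access denied")


def classify(orig_status: int, orig_body: str,
             replay_status: int, replay_body: str,
             markers=DEFAULT_MARKERS, similarity: float = 0.9) -> str:
    """Compare the original (privileged) response with the replay made using a
    lower-privileged session.

    Returns 'enforced' when the replay was clearly refused, 'bypassed' when the
    replay received essentially the same response as the privileged request, and
    'unknown' when neither is clear and a human should look.
    """
    if replay_status in (401, 403):
        return "enforced"
    body = replay_body.lower()
    if any(m in body for m in markers):
        return "enforced"
    if replay_status == orig_status:
        ratio = SequenceMatcher(None, orig_body, replay_body).ratio()
        if ratio >= similarity:
            return "bypassed"
    return "unknown"


# Constructed sample exchanges: (name, original status/body, replayed status/body).
SAMPLES = [
    ("GET /api/invoices/102 (other tenant)",
     200, '{"id": 102, "owner": 2, "total": 990.0}',
     200, '{"id": 102, "owner": 2, "total": 990.0}'),
    ("DELETE /api/invoices/101 (admin only)",
     204, "",
     403, '{"error": "Forbidden"}'),
    ("GET /api/admin/users (soft-denied)",
     200, '[{"id": 1}, {"id": 2}, {"id": 9}]',
     200, '{"message": "Access denied"}'),
    ("GET /api/invoices (scoped to caller)",
     200, '{"invoices": [{"id": 102, "owner": 2, "total": 990.0}]}',
     200, '{"invoices": []}'),
]


def run_samples(samples=SAMPLES) -> list:
    """Classify each constructed exchange; returns [(name, label), ...]."""
    return [(name, classify(os, ob, rs, rb)) for name, os, ob, rs, rb in samples]


if __name__ == "__main__":
    for name, label in run_samples():
        print(f"{label:9s} {name}")
```

Two details matter when reading the output. A 200 with a different body is deliberately reported as `unknown` rather than `enforced`: a list endpoint that quietly returns an empty result for the low-privilege session is correct behaviour, but a 200 that returns a generic error page is a soft denial, and only a marker or a human distinguishes them. And a `bypassed` verdict on a state-changing request (the `DELETE` above) means the replay actually executed the action, so replay such requests only against test data you own.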
