DEV Community

ckyoo

[jan2025] thm.jrpt-path. 3/n

[IDOR]

IDOR, which stands for Insecure Direct Object Reference, is an access control vulnerability. It occurs when user input that references an object (such as an ID in a URL) is not checked or validated on the server side.

In the link https://onlinestore.thm/order/1000/invoice, the path segment 1000 is the order number, and the user can manipulate it.

One technique mentioned is to decode and re-encode the identifier string and then check whether the response changes.
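As an added example (not code from the post or from TryHackMe), here is the invoice endpoint above written as a vulnerable handler beside a fixed one, plus an authorization regression check; the order table, usernames and invoice strings are constructed for the example.

```python
# Added example: a lookup that mirrors /order/<id>/invoice, written twice.
# The Order records, users and invoice text below are constructed sample data.
from dataclasses import dataclass
from typing import Callable, Optional

@dataclass(frozen=True)
class Order:
    order_id: int
    owner: str          # username of the customer who placed the order
    invoice: str

# Constructed sample data: two customers, three orders.
ORDERS = {
    1000: Order(1000, "alice", "Invoice #1000: 2x widget, $40.00"),
    1001: Order(1001, "bob",   "Invoice #1001: 1x gadget, $99.00"),
    1002: Order(1002, "alice", "Invoice #1002: 5x bolt, $5.00"),
}

def get_invoice_vulnerable(session_user: str, order_id: int) -> Optional[str]:
    """IDOR: the order id taken from the URL is trusted as-is.
    The logged-in user is never compared with the order's owner."""
    order = ORDERS.get(order_id)
    return order.invoice if order else None

def get_invoice_fixed(session_user: str, order_id: int) -> Optional[str]:
    """Server-side check: the referenced object must belong to the requester.
    A foreign order and a missing order both return None (a 404 in practice),
    so the response does not reveal whether the id exists."""
    order = ORDERS.get(order_id)
    if order is None or order.owner != session_user:
        return None
    return order.invoice

Handler = Callable[[str, int], Optional[str]]

def leaks_foreign_orders(handler: Handler) -> bool:
    """Authorization regression check: True if any user can read an invoice
    they do not own. Run it against every object-lookup handler in CI."""
    users = {o.owner for o in ORDERS.values()}
    for user in users:
        for oid, order in ORDERS.items():
            if order.owner != user and handler(user, oid) is not None:
                return True
    return False
```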
