Web for pentesters 2 Authorisation

This week I'll go over the authorisation bypass examples for Web for Pentesters 2. I know last week I said I would go through the authentication examples, but I wasn't able to finish them in time (example 2 is a pain). Without further ado, let's go through the exercises.

Example 1:

In this example, we bypass authorisation entirely by just altering the number at the end of the URL, like so:

authorization/example1/infos/1
and
authorization/example1/infos/2

This gives you direct access to the resources, even when you aren't logged in.

Example 2:

In this example, you can access other users' files by simply incrementing the number at the end of the URL.

authorization/example2/infos/3
and
authorization/example2/infos/4

These will work, but nothing after that: you'll get an internal server error.

Example 3:

This example is similar to the attack above, but we need to exploit it through the edit page.

First you'll need to log in and click on any of the posts. Then change the number at the end of the URL to 3. You now have access to user2's information.
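To make the bug behind all three examples concrete, here is an added example (my own code, not the Web for Pentesters 2 source) modelling the /infos/<id> handler in plain Python with constructed sample records: one version with no check at all (example 1), one that requires a login but serves any id and crashes on unknown ids (examples 2 and 3), and a fixed version that verifies ownership before returning anything.

```python
# Added example, not from Web for Pentesters 2. Constructed in-memory records:
# record id -> owner and body. In the real app these come from the database.
RECORDS = {
    1: {"owner": "user1", "body": "user1 private info"},
    2: {"owner": "user1", "body": "user1 second record"},
    3: {"owner": "user2", "body": "user2 private info"},
    4: {"owner": "user2", "body": "user2 second record"},
}


class Unauthenticated(Exception):
    """No logged-in user in the session."""


class NotFound(Exception):
    """Record does not exist or is not visible to this user."""


def infos_example1(session_user, info_id):
    """Example 1 style: neither authentication nor ownership is checked."""
    return RECORDS[info_id]["body"]


def infos_example2(session_user, info_id):
    """Example 2/3 style: login required, but any record id is served.
    An unknown id raises KeyError, i.e. the internal server error past id 4."""
    if session_user is None:
        raise Unauthenticated()
    return RECORDS[info_id]["body"]


def infos_fixed(session_user, info_id):
    """Hardened: authenticate, look the record up, then verify ownership.
    Missing and foreign records both map to NotFound so that the response
    does not reveal which ids exist."""
    if session_user is None:
        raise Unauthenticated()
    record = RECORDS.get(info_id)
    if record is None or record["owner"] != session_user:
        raise NotFound()
    return record["body"]


def status(handler, session_user, info_id):
    """Map a handler outcome to the HTTP status the app would return."""
    try:
        handler(session_user, info_id)
        return 200
    except Unauthenticated:
        return 401
    except NotFound:
        return 404
    except KeyError:
        return 500
```

Running `status(infos_example2, "user1", 3)` reproduces the IDOR (200 for another user's record), while `status(infos_fixed, "user1", 3)` returns 404; an ownership check of this kind, plus a bounded lookup instead of a raw index, is the fix for every example on this page.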

That will do it for now; in the next post I'll hopefully have mass assignment done. Until then keep on hacking.