Finding IDORs with CODE REVIEWS!

11,355 views

Farah Hawa


1 year ago

Hi! I'm a pentester and a bug bounty hunter who's learning every day and sharing useful resources as I move along. Subscribe to my channel because I'll be sharing my knowledge in new videos regularly.
SIGN UP ON YesWeHack:
yeswehack.com/auth/register
BUY ME A COFFEE:
www.buymeacoffee.com/farahhawa
SOCIAL MEDIA:
Follow me on Twitter: / farah_hawaa
Follow me on Instagram: / farah_hawaa
Connect with me on LinkedIn: / farah-hawa-a012b8162
Vulnerable code snippet: github.com/yeswehack/vulnerab...
YesWeHack blog: blog.yeswehack.com/

Comments: 48
@Antidesigns (1 year ago)
Such examples are very helpful to understand what is going on under the hood, thank you!
@justinpeter5752 (1 year ago)
It's interesting because this is a case of De Morgan's law. It's very clever to use digital logic properties to train people in security. So ~(A•A) == (~A+~A). It's very clever. Nice video cutie 😊
@user-kp7qz2dp8t (9 months ago)
As a security auditor I would say you are teaching good stuff..
@mehrabhasan5773 (1 year ago)
Would love to see more content related to code reviews.
@faboxbkn (1 year ago)
Amazing! Keep up the good work :D
@haanrey (1 year ago)
Very well explained Farah!! We need more IDOR videos!! Sharing this with my friends
@FarahHawa (1 year ago)
Thank you so much!!!
@saminbinhumayun858 (7 months ago)
I think you should do more videos like this, it was really helpful
@justinpeter5752 (1 year ago)
Wow!! I love your accent!!
@ramymimouni6639 (1 year ago)
To anyone who got confused about the if condition: if sess != '4eb...04' (meaning whatever value is not equal to that is true) && user != 'tom' (meaning whatever user name you type is also true), therefore true + true = true, and that will prompt the msg "You are not allowed to view this content". If sess is equal to '4eb...04' (meaning sess = false) && user = 'tom' (meaning user = false), therefore false + false = false, and that will grant you access; and false + true = false, therefore granting you access in this case too.
@joy3658 (26 days ago)
What if true+false instead of false+true?
@joy3658 (26 days ago)
Really well explained!
@famspower (1 year ago)
Thank you for this interesting video
@debarghyamaitra (1 year ago)
I found an IDOR vuln in our college website just now💀
@viduptor (1 year ago)
Good job.. it's nice.. thanks..
@prakhar0x01 (1 year ago)
Well, it is easier to understand if you also demonstrate the attack (practically).
@FarahHawa (1 year ago)
Thanks for the tip, I will try to do that with the next one :)
@Metavert (1 year ago)
Not sure if this code was actually vulnerable to an IDOR since it uses the '&&' operator, which means both the cookie and user id had to be the correct match. Simply changing the id wouldn't actually fulfil the access control condition.. the attacker would also need to get the cookie right. If the conditional statement was written to check whether the cookie OR the user id met the correct criteria, then that would be an IDOR vuln. Other than that, nice vid
@zaidarif5500 (1 year ago)
The if condition is for not equal to. So say the sess is something else and the user is Tom. So sess not equal to "4eb...04" (true), user not equal to 'tom' (false). True && false is false. Therefore the if condition won't run, that is, "You are not allowed to view this content" won't run at all, and the attacker would have the access.
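The condition the replies above keep arguing over, as an added example that is not the video's snippet or the YesWeHack repository's code: the original `&&` check on `!=` comparisons beside its De Morgan-corrected form, evaluated over all four session/user combinations, and a hardened handler that also checks file ownership. The session value, usernames and file table are constructed placeholders, and the ownership check is an assumption, since the page only says the id is taken from `details/1234.json`.

```python
# Added example (not the snippet from the video or the YesWeHack repo): the access
# check discussed in the comments, "if sess != '4eb...04' && user != 'tom' -> deny",
# next to its corrected form, plus an ownership check on the file id. The session
# value, usernames and file table are constructed placeholders.

VALID_SESSION = "4eb...04"  # placeholder for the real session cookie value
OWNER = "tom"

# Constructed file table: file id -> owner. The id comes from the URL
# (details/<id>.json); the IDOR is that it was never tied to the requester.
FILES = {1234: "tom", 1235: "alice"}

DENIED = "You are not allowed to view this content"


def vulnerable_denies(sess: str, user: str) -> bool:
    """Original logic: refuse only when BOTH the session and the user are wrong.
    A request carrying user='tom' with any session value is let through."""
    return sess != VALID_SESSION and user != OWNER


def fixed_denies(sess: str, user: str) -> bool:
    """Corrected logic (De Morgan): refuse if EITHER check fails, which is the
    negation of "session is valid and user is the owner"."""
    return sess != VALID_SESSION or user != OWNER


def truth_table(check) -> dict:
    """Run a deny-function over the four combinations the thread walks through.
    Key: (session_matches, user_matches); value: True when access is refused."""
    cases = {
        (False, False): ("bogus", "mallory"),
        (False, True): ("bogus", OWNER),
        (True, False): (VALID_SESSION, "mallory"),
        (True, True): (VALID_SESSION, OWNER),
    }
    return {k: check(*v) for k, v in cases.items()}


def bypass_cases(check) -> list:
    """Combinations that are granted access without both checks passing."""
    return sorted(k for k, denied in truth_table(check).items()
                  if not denied and k != (True, True))


def serve_file(sess: str, user: str, file_id: int) -> str:
    """Hardened handler: authenticate, then authorise against the file's owner."""
    if fixed_denies(sess, user) or FILES.get(file_id) != user:
        return DENIED
    return f"details/{file_id}.json"
```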
@yurilsaps (1 year ago)
Really good
@faboxbkn (1 year ago)
Orb crossing the screen from side to side at 0:43
@AhmetBurakAkay (1 year ago)
Thanks.
@maakthon5551 (1 year ago)
Keep it up
@zaidarif5500 (1 year ago)
Guys, if you have any doubts regarding the if condition: the if condition is for not equal to. So say the sess is something else and the user is Tom. So sess not equal to "4eb...04" (true), user not equal to 'tom' (false). True && false is false. Therefore the if condition won't run, that is, "You are not allowed to view this content" won't run at all, and the attacker would have the access
@brice2825 (9 months ago)
Yeah, logic gate: 1 AND 0 = 0
@riteshsharma9838 (1 year ago)
Hello ma'am, I am Ritesh. I am new to learning bug bounty and I want to ask you: currently I am not good at any programming language, could you recommend which language I should learn that can help me in the journey of bug bounty? Please reply if you find the question answerable. Thank you
@yvesgonzaga4223 (1 year ago)
How do you know that the id is not something like a UUID or a randomly generated string?
@FarahHawa (1 year ago)
You'll see the file ID in the GET request, right? Because it looks like details/1234.json, you can always enumerate through the IDs
@aiteshammamadapur8141 (1 year ago)
Saved
@TheHackersRoom (1 year ago)
It is using "&&" so it will check for both the conditions... I think you made a mistake in telling..!
@bkg2190 (1 year ago)
👍
@user-yz5yl8eg9j (1 year ago)
Will I be able to work in bug bounty with a Core i3 and 4 GB RAM laptop as a beginner learning?
@masthanjinostra2981 (1 year ago)
Sure 👍🏻. Train yourself using Linux & make Linux your only OS. High spec laptops are only needed when you process some big tasks to crack passwords / when using automation tools to find some specific bugs. Burp Suite also can't handle a few extensions on a small spec laptop (automation). Anyway, that's good enough to start with.
@daniferraz3769 (1 year ago)
When I grow up, I want to be like you 🤩
@shizanahamadali3748 (1 year ago)
Can you make a day in the life video? 🙋
@kannadagammer51 (1 year ago)
Hi, I want to learn bug bounty hunting from scratch level, can you teach?
@justinpeter5752 (1 year ago)
You know that the opposite of && would look better with || instead of OR?
@FarahHawa (1 year ago)
True, but when I say OR, I want the visualisation to click in the head immediately!
@huntit4578 (1 year ago)
Code is checking for both cookie_id & username; changing one won't achieve anything
@shivammittal657 (1 year ago)
Make a case study video on hacking and the impact of SQL
@manashalder1206 (1 year ago)
This is hypocrisy 😢, we need part two on this topic..!
@archlinux8390 (1 year ago)
They're using && so both conditions must be true! Idk what you're saying
@ramymimouni6639 (1 year ago)
Because it's not equal (!=); what you're saying is correct in case you have strictly equal (==). If sess != '4eb...04' (meaning whatever value is not equal to that is true) && user != 'tom' (meaning whatever user name you type is also true), therefore true + true = true, and that will prompt the msg "You are not allowed to view this content". If sess is equal to '4eb...04' (meaning sess = false) && user = 'tom' (meaning user = false), therefore false + false = false, and that will grant you access; and false + true = false, therefore granting you access in this case too.
@DSS-cy8tg (1 year ago)
Why did you remove my last comment?
@omarashraf5516 (11 months ago)
Your name is an Arabic name and its meaning is happiness
@Bosssssss77777 (1 year ago)
Nice, dear