75,400 views
Hi everyone, welcome to the third video in the "Finding Your First Bug" series. In this series I go over some good first bugs: explain what they are, how to find them, show some examples of real bugs in the wild that paid out and finally do a practical example with Burp on a real target.
In this video we'll be talking about IDORs (Insecure Direct Object References), which is a fancy term for 'the application didn't check that the logged-in user is actually authorized to access the object an endpoint references'. These are great first bugs: they don't require much technical knowledge, and you can find them with just Burp by swapping the identifier in a request (a user, post or task ID) for one belonging to someone else and seeing whether the response still succeeds.
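The following is an added example, not code from the video or from Hacker101: a minimal in-memory "postbook"-style API with an IDOR-vulnerable handler beside its fixed version, plus a replay check in the spirit of Autorize (replay a request captured in the victim's session with the attacker's session and flag objects where the attacker gets the same successful response). The users, session cookies and posts are constructed sample data; the function and class names are this example's own.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional

# Constructed sample data (not from the video): two users, alice owns
# posts 1 and 2, bob owns post 3. Cookies map to the logged-in user.
POSTS: Dict[int, dict] = {
    1: {"owner": "alice", "body": "alice's first private post"},
    2: {"owner": "alice", "body": "alice's second private post"},
    3: {"owner": "bob", "body": "bob's private post"},
}
SESSIONS: Dict[str, str] = {"sess-alice": "alice", "sess-bob": "bob"}


@dataclass
class Response:
    status: int
    body: Optional[dict] = None


def get_post_vulnerable(cookie: Optional[str], post_id: int) -> Response:
    """GET /post/<id> as written with the IDOR: the caller is authenticated
    (a valid session is required) but the post's owner is never compared
    with the caller, so any logged-in user can read any post by ID."""
    user = SESSIONS.get(cookie) if cookie else None
    if user is None:
        return Response(401)
    post = POSTS.get(post_id)
    if post is None:
        return Response(404)
    return Response(200, post)


def get_post_fixed(cookie: Optional[str], post_id: int) -> Response:
    """Same endpoint with the missing object-level authorization check.
    A post that exists but belongs to someone else is reported as 404,
    not 403, so the status code does not leak which IDs are valid."""
    user = SESSIONS.get(cookie) if cookie else None
    if user is None:
        return Response(401)
    post = POSTS.get(post_id)
    if post is None or post["owner"] != user:
        return Response(404)
    return Response(200, post)


def idor_check(
    handler: Callable[[Optional[str], int], Response],
    victim_cookie: str,
    attacker_cookie: Optional[str],
    victim_object_ids: List[int],
) -> List[int]:
    """Autorize-style replay: for each object the victim legitimately owns,
    record the victim's response, resend the same request with the
    attacker's session (or no session at all) and flag the ID when the
    attacker receives the same 200 body. Only IDs the victim owns are
    passed in, so the attacker reading their own objects is never counted."""
    findings: List[int] = []
    for object_id in victim_object_ids:
        baseline = handler(victim_cookie, object_id)
        if baseline.status != 200:
            continue  # nothing to bypass if the owner cannot read it either
        replay = handler(attacker_cookie, object_id)
        if replay.status == 200 and replay.body == baseline.body:
            findings.append(object_id)
    return findings


if __name__ == "__main__":
    alice_ids = [1, 2]
    print("vulnerable, bob's session:",
          idor_check(get_post_vulnerable, "sess-alice", "sess-bob", alice_ids))
    print("vulnerable, no session:   ",
          idor_check(get_post_vulnerable, "sess-alice", None, alice_ids))
    print("fixed, bob's session:     ",
          idor_check(get_post_fixed, "sess-alice", "sess-bob", alice_ids))
```

Running the script against the vulnerable handler flags both of alice's posts when replayed with bob's cookie and nothing when replayed with no cookie at all (the endpoint does authenticate, it just does not authorize); the fixed handler flags nothing. That distinction is worth keeping in mind when you read Burp output: a 401 on the unauthenticated replay does not mean the endpoint is safe, only that it checks for a session.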
0:00 - Theory: what is an IDOR and how to find them
8:21 - Case studies: 7 examples of IDORs which have paid out
27:28 - Practical Burp: Looking at the Hacker101 CTF level "postbook"
-- Case Studies --
- Response program can create bounty table - $500: hackerone.com/reports/460920
- [IDOR] Deleting other people's tasks - $300: hackerone.com/reports/293845
- IDOR bug to See hidden slowvote of any user even when you dont have access right - $300: hackerone.com/reports/661978
- Bypass of my three other reports #267636 + #255894 + #271861 - (IDOR) Ability to see full name associated with other New Relic accounts - $1,500: hackerone.com/reports/320173 and www.jonbottarini.com/2018/01/...
- Replace other user files in Inbox messages - $1,000: hackerone.com/reports/322661
- Low Privileged user able to add new Geographical settings to the Admin account. - $750: hackerone.com/reports/420130
- Validation message in Bounty award endpoint can be used to determine program balances - $1,500: hackerone.com/reports/293299
- IDOR to add secondary users in www.paypal.com/businessmanage/users/api/v1/users - $10,500: hackerone.com/reports/415081
-- You Should Also Watch --
Burp Suite tutorial: IDOR vulnerability automation using Autorize and AutoRepeater (bug bounty) - STÖK - • Burp Suite tutorial: I...
-- Social Media --
- Twitter: / insiderphd