
Insecure direct object references


Hello my friends, how are you all? Today we continue our series on access control vulnerabilities; this is the eighth article in that series. In this article, we cover the PortSwigger Web Security lab ‘Insecure Direct Object References’ with a complete step-by-step practical guide so you can understand it well.

Lab Description For Insecure direct object references

In this lab, users’ chat logs are stored directly on the server’s file system. These logs are retrieved through static URLs. To solve this lab, we need to find the password for the ‘carlos’ user and log into their account.

First, access the lab. After accessing the lab, you can find the option for live chat in the top right corner.


First, I had a normal conversation with this bot. It’s a really foolish bot, by the way.


Then, I clicked on the download script, and a script named ‘2.txt’ was downloaded.


When I opened it, it contained the same normal chat. But here, there is an IDOR vulnerability that we will exploit.


I simply renamed ‘2.txt’ to ‘1.txt’. You can see in the response that we obtained Carlos’ account password.


I simply copied that password. After copying it, I clicked on ‘My Account’ and entered the username ‘carlos’ and the copied password. You can see that we have successfully solved the PortSwigger Web Security lab ‘Insecure Direct Object References.’

You can learn everything related to web security on our website. We upload the latest articles on web security topics daily, so stay with us.

To continue studying, check out the next lab, URL-Based Access Control Can Be Circumvented, but finish the current lab before moving on to it. Good luck!


What is web security?

Website security refers to protecting a website or web application from cyberattacks, unauthorized access, or other security threats.

What is web application security?

Web application security means protecting a web application from cyberattacks. These attacks typically exploit vulnerabilities such as SQL injection, XSS, file inclusion, and others.

Which of the following is a good security practice for web browsing?

It is always a good practice to use an up-to-date browser and install updates promptly. Keep your browser plugins up to date, avoid malicious websites and links, enable two-factor authentication wherever it is offered, and be wary of clickjacking.

How to find someone’s social security number on the dark web

Searching for someone’s social security number or credit card information on the dark web is illegal and unethical. It is important to always avoid such activities and protect yourself and others from cyber threats.
