
It's good to consider this but... Plenty of sites expose user ID as a regular integer. In some cases you might want to avoid this (leaking user count to competitors etc), but I have never heard about anyone calling this a vulnerability.


It's referred to as an "Insecure Direct Object Reference" (IDOR) vulnerability. In many cases it is not actually a vulnerability; however, when an application contains sensitive information and lacks authorization or rate-limiting, it can be exploited to enumerate the entire database.

https://cheatsheetseries.owasp.org/cheatsheets/Insecure_Dire...

When I first joined $company, HR sent me a SharePoint document with a numerical ID. Incrementing or decrementing the ID allowed me to view personal information of other employees including their pay.
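An added illustration (not code from the thread) of the two points above: the sequential-ID lookup that lets any logged-in user read a record, beside a version that checks authorization per object and optionally hands out random handles so the ID cannot be guessed. The document store, user names and the `hr` role are constructed assumptions.

```python
"""Added example: IDOR-prone lookup vs. per-object authorization check."""
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class Document:
    doc_id: int
    owner: str
    body: str


# Constructed sample records with sequential IDs, as in the SharePoint anecdote.
DOCS = {
    1001: Document(1001, "alice", "alice's offer letter"),
    1002: Document(1002, "bob", "bob's offer letter"),
}
HR_USERS = frozenset({"hr"})  # assumed role allowed to read every record


class Forbidden(Exception):
    """Raised for both unknown and unauthorized IDs (no existence oracle)."""


def get_document_insecure(requester: str, doc_id: int) -> str:
    """Vulnerable: authentication only; any user can fetch any ID."""
    return DOCS[doc_id].body


def can_read(requester: str, doc_id: int) -> bool:
    """Authorization decided per object, not per endpoint."""
    doc = DOCS.get(doc_id)
    return doc is not None and (doc.owner == requester or requester in HR_USERS)


def get_document_checked(requester: str, doc_id: int) -> str:
    """Hardened: same error for missing and forbidden IDs."""
    if not can_read(requester, doc_id):
        raise Forbidden("not found or not permitted")
    return DOCS[doc_id].body


def issue_handle(doc_id: int, table: dict) -> str:
    """Opaque handle: hides the sequential ID but is NOT a substitute for the check."""
    handle = secrets.token_urlsafe(16)
    table[handle] = doc_id
    return handle


def get_document_by_handle(requester: str, handle: str, table: dict) -> str:
    doc_id = table.get(handle)
    if doc_id is None:
        raise Forbidden("not found or not permitted")
    return get_document_checked(requester, doc_id)  # still authorize per object
```

The opaque handle only removes guessability; the `can_read` check is what actually closes the hole, which is why the ID format alone is a weak fix.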


I hear this all the time. Every 3PPT report I see is cranky if you have userid=2345 as you can enumerate it.

Personally I think it's stupid but this is a tempting solution.



