Security Cipher
Insecure direct object references (IDOR)

Table of Contents
  • 🥺 Vulnerable Code
  • 😎 Secure Code

Here is an example of code that is vulnerable to Insecure Direct Object Reference (IDOR):

🥺 Vulnerable Code

// This code returns the single account whose ID is supplied in the "accountId" URL parameter
// (assumed to run inside a servlet handler where request, response and accountDao are already in scope)
String accountId = request.getParameter("accountId");
Account account = accountDao.getAccountById(accountId);
response.getWriter().write(account.toString());

This code is vulnerable because it never verifies that the requesting user is permitted to view the account with the supplied ID: the value of the “accountId” parameter is taken straight from the request and handed to the data access layer. An attacker could change the “accountId” parameter in the URL to view sensitive information for accounts that they are not authorized to access.

😎 Secure Code

To secure this code, we can add a check to verify that the user has the necessary permissions before displaying the account information:

String accountId = request.getParameter("accountId");
Account account = accountDao.getAccountById(accountId);

// Stop here if no such account exists, rather than dereferencing null below
if (account == null) {
    response.sendError(404, "Not Found");
    return;
}

// Check if the user has the necessary permissions to view the account
// ("user" is the authenticated principal, e.g. taken from the session, never from the request)
if (user.getId().equals(account.getOwnerId()) || user.hasRole("ADMIN")) {
    response.getWriter().write(account.toString());
} else {
    response.sendError(403, "Forbidden");
}

In the secure code, we added a check to see if the user’s ID matches the ID of the owner of the account, or if the user has the “ADMIN” role. If either of these conditions is true, the account information is displayed. Otherwise, a “Forbidden” error is returned to the user.
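The two patterns above, rewritten as a small Python module with an in-memory account store so the behaviour can be exercised directly. This is an added example, not code from the page; the Account/User classes, the ACCOUNTS data and the get_account_for_owner helper are constructed stand-ins for the page's accountDao and user objects. It also shows a second form of the fix, scoping the lookup to the caller, which goes beyond the page's owner-or-ADMIN check.

```python
from dataclasses import dataclass, field


@dataclass
class Account:
    id: int
    owner_id: int
    balance: int


@dataclass
class User:
    id: int
    roles: set = field(default_factory=set)

    def has_role(self, role: str) -> bool:
        return role in self.roles


# Constructed sample data standing in for accountDao (not from the page).
ACCOUNTS = {1: Account(1, owner_id=10, balance=500),
            2: Account(2, owner_id=20, balance=75)}


def parse_account_id(raw):
    """Accept only a plain decimal id; anything else is rejected before the lookup."""
    return int(raw) if raw is not None and raw.isdigit() else None


def vulnerable_view(user, raw_id):
    """The page's vulnerable pattern: any caller can read any account by id."""
    account = ACCOUNTS.get(parse_account_id(raw_id))
    return (200, str(account)) if account else (404, "Not Found")


def secure_view(user, raw_id):
    """The page's fix: fetch the record, then allow only its owner or an ADMIN."""
    account_id = parse_account_id(raw_id)
    if account_id is None:
        return (400, "Bad Request")
    account = ACCOUNTS.get(account_id)
    if account is None:
        return (404, "Not Found")
    if user.id == account.owner_id or user.has_role("ADMIN"):
        return (200, str(account))
    return (403, "Forbidden")


def get_account_for_owner(account_id, owner_id):
    """Stands in for a DAO query such as WHERE id = ? AND owner_id = ?."""
    account = ACCOUNTS.get(account_id)
    return account if account and account.owner_id == owner_id else None


def secure_view_scoped(user, raw_id):
    """Variant of the fix: scope the query to the caller, so an unowned record is never
    returned by the store; missing and not-owned both give 404 (the id's existence is not revealed)."""
    account_id = parse_account_id(raw_id)
    if account_id is None:
        return (400, "Bad Request")
    account = ACCOUNTS.get(account_id) if user.has_role("ADMIN") else get_account_for_owner(account_id, user.id)
    return (200, str(account)) if account else (404, "Not Found")
```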

©2023. Security Cipher. All Rights Reserved.