In this article, I will provide an explanation of Insecure Direct Object References (IDOR) to the best of my ability.

I shared many resources and labs in this article, check them out.

I hope you find this article useful.

Topics

• IDOR
  
• IDOR Sources
  
• IDOR Labs
  

What is an IDOR?

An Insecure Direct Object Reference (IDOR) is a vulnerability that enables unauthorized access and the execution of actions on a targeted web application by an attacker.

Web applications often include functions that users can perform within their accounts, such as profile editing. However, to prevent IDOR vulnerabilities, proper authorization checks should be implemented for these functions. For instance, when a user with an ID of 10 attempts to use the profile editing function, the web application should verify if this action belongs to the user with ID 10. IF NOT, the user may be able to manipulate different IDs, gaining unauthorized access to and editing profiles of other users. This is an example of an IDOR.

IDOR is a dangerous and critical vulnerability. Although a common vulnerability, it can be much more complex and hard to detect. The reason for this web applications get more complex as they grow. These complications lead to increased vulnerability. And because of these complications, it is difficult to detect the vulnerability.

Let’s continue with an example from Web Security Academy.

IDOR Sources

• PwnFuction (Video) - Insecure Direct Object Reference (IDOR) Explained
• InsiderPhD (Video) - Finding Your First Bug: Manual IDOR Hunting)
• STÖK (Video) - Burp Suite tutorial: IDOR vulnerability automation using Autorize and AutoRepeater (bug bounty)
• Mehmet D.INCE (Video) - Web Security 101 0x02, IDOR Insecure Direct Object Reference Zafiyetleri Hakkında Her şey
• Web Security Academy - IDOR
• OWASP - IDOR
• Intigriti - IDOR
• Bugcrowd - How-To: Find IDOR Vulnerabilities for Large Bounty Rewards
• Ayşe Bilgi Gündüz - Everything You Need to Know About IDOR
• Geeksforgeeks - IDOR
• HackTricks - IDOR
• Secjuice - IDOR
• Thehackerish - IDOR Tutorial
• Aditya Soni - Automating BURP to find IDORs
• ProfessorXSS - IDOR is Everywhere 😁 You need to find them
• Gonzalo Carrasco - Fuzzing + IDOR = Admin TakeOver
• Mukul Trivedi (M0hn1sh) - All About Getting First Bounty with IDOR
• Swapmaurya - A Simple IDOR to Account Takeover
• Aseem Shrey - Attention to Details : Finding Hidden IDORs
• Vickie Li - Intro to IDOR
• Vickie Li - All About IDOR Attacks
• Vickie Li - How to find more IDORs
• Sagar Sajeev - Business Logic Vulnerability via IDOR
• Jerry Shah (Jerry) - IDOR - Inside the Session Storage
• Daniel Hunt - A Bug Bounty Hunter’s Guide to IDOR Vulnerabilities
• Graham Zemel - Bug Hunting 101: IDORs for Beginners
• JunoonBro - \(\) IDOR’s — How to find IDORs in Ecommerce sites?
• Swapmaurya - 3 Step IDOR in HackerResume
• c0d3x27 - What is IDOR Vulnerability, and how does it affect you?
• Thexssrat - IDORs: What are they and how do you test for them?
• Mohammad Mohsin - Insecure Direct object Reference
• Prajit Sindhkar - Insecure Direct Object Reference
• nynan - What I learnt from reading 220* IDOR bug reports.
• Ozgur Alp - A Less Known Attack Vector, Second Order IDOR Attacks
• jedus0r - IDOR “Insecure direct object references”, my first P1 in Bugbounty
• Dhanush - Leveraging Burp Suite extension for finding IDOR(Insecure Direct Object Reference).
• Steiner254 - Insecure Direct Object References (IDOR)
• Sathvika - Insecure Direct Object Reference
• Shellmates Club - Insecure direct object references (IDOR) vulnerability
• Chetan Conikee - Insecure Direct Object Reference

IDOR Labs

• Web Security Academy - Lab: Insecure direct object references
• TryHackMe - Web Application Security
• TryHackMe - Corridor - My Writeup
• TryHackMe - Neighbour - My Writeup

I hope you liked my article. See you in my other articles