๐Ÿšฉ
THM Walkthroughs
  • THM Walkthroughs
    • ๐Ÿง‘โ€๐ŸซTutorial
  • ๐ŸŸฆDifficulty: Info
    • ๐Ÿ”ŒWhat is Networking?
    • ๐Ÿ”ŒIntro to LAN
    • ๐ŸงLinux Fundamentals
      • ๐ŸงLinux Fundamentals Part 1
        • Task 2 - A Bit of Background on Linux
        • Task 4 - Running Your First few Commands
        • Task 5 - Interacting With the Filesystem!
        • Task 6 - Searching for Files
        • Task 7 - An Introduction to Shell Operators
      • ๐ŸงLinux Fundamentals Part 2
        • Task 3 - Introduction to Flags and Switches
        • Task 4 - Filesystem Interaction Continued
        • Task 5 - Permissions 101
        • Task 6 - Common Directories
      • ๐ŸงLinux Fundamentals Part 3
        • Task 3 - Terminal Text Editors
        • Task 4 - General/Useful Utilities
        • Task 5 - Processes 101
        • Task 6 - Maintaining Your System: Automation
        • Task 8 - Maintaining Your System: Logs
    • ๐ŸชŸWindows Fundamentals
      • ๐ŸชŸWindows Fundamentals 1
      • ๐ŸชŸWindows Fundamentals 2
      • ๐ŸชŸWindows Fundamentals 3
    • ๐Ÿ”“Principles of Security
    • ๐ŸPython Basics
    • ๐Ÿ”History of Malware
    • ๐ŸฆนCommon Attacks
    • ๐Ÿ–ฅ๏ธSecurity Awareness
    • โš”๏ธIntro to Offensive Security
    • ๐ŸฆนPentesting Fundamentals
    • ๐Ÿ”“CVE Walkthroughs
      • ๐Ÿ–ฅ๏ธSudo Security Bypass: CVE-2019-14287
      • ๐Ÿ–ฅ๏ธSudo Buffer Overflow: CVE-2019-18634
      • ๐Ÿ–ฅ๏ธBaron Samedit: CVE-2021-3156
      • ๐Ÿ–ฅ๏ธOverlayFS: CVE-2021-3493
      • ๐Ÿ–ฅ๏ธPolkit: CVE-2021-3560
      • ๐Ÿ–ฅ๏ธPwnkit: CVE-2021-4034
      • ๐ŸชถApache HTTP Server Path Traversal: CVE-2021-41773/42013
      • ๐ŸงปDirty Pipe: CVE-2022-0847
      • ๐ŸŸขSpring4Shell: CVE-2022-22965
    • ๐ŸŸงBurp Suite
      • ๐ŸŸงBurp Suite: The Basics
      • ๐ŸŸงBurp Suite: Repeater
    • ๐ŸChallenges
      • โคด๏ธBypass Disable Functions
    • ๐ŸŽŸ๏ธTHM PROMOs
      • ๐ŸŽŸ๏ธLearn and win prizes [PROMO ENDED]
      • ๐ŸŽŸ๏ธLearn and win prizes #2 [PROMO ENDED]
  • ๐ŸŸฉDifficulty: Easy
    • ๐Ÿš€Learning Cyber Security
    • ๐Ÿ”The Hacker Methodology
    • ๐Ÿ”Google Dorking
      • Task 2 - Let's Learn About Crawlers
      • Task 4 - Beepboop - Robots.txt
      • Task 5 - Sitemaps
      • Task 6 - What is Google Dorking?
    • ๐ŸOWASP Top 10
      • Task 5 - Command Injection Practical
      • Task 7 - Broken Authentication Practical
      • Task 11 - Sensitive Data Exposure (Challenge)
      • Task 13 - XML External Entity - eXtensible Markup Language
      • Task 14 - XML External Entity - DTD
      • Task 16 - XML External Entity - Exploiting
      • Task 18 - Broken Access Control (IDOR Challenge)
      • Task 19 - Security Misconfiguration
      • Task 20 - Cross-site Scripting
      • Task 21 - Insecure Deserialization
      • Task 24 - Insecure Deserialization - Cookies
      • Task 25 - Insecure Deserialization - Cookies Practical
      • Task 30 - Insufficient Logging and Monitoring
    • ๐Ÿ“กNmap
      • Task 2 - Introduction
      • Task 3 - Nmap Switches
      • Task 5 - TCP Connect Scans
      • Task 6 - Scan Types SYN Scans
      • Task 7 - UDP Scans
      • Task 8 - NULL, FIN and Xmas
      • Task 9 - ICMP Network Scanning
      • Task 10 - NSE Scripts Overview
      • Task 11 - Working with the NSE
      • Task 12 - Searching for Scripts
      • Task 13 - Firewall Evasion
      • Task 14 - Practical
    • ๐Ÿ“กRustScan
      • Task 2 - Installing RustScan
      • Task 5 - Extensible
      • Task 7 - Scanning Time!
      • Task 8 - RustScan Quiz
    • ๐Ÿ™Crack the hash
    • ๐ŸŒOhSINT
    • ๐Ÿง‘โ€๐Ÿš€Vulnversity
    • ๐ŸงŠIce
    • ๐ŸชŸBlue
    • ๐ŸŽ„Advent of Cyber 4 (2022)
  • ๐ŸŸจDifficulty: Medium
    • ๐ŸชŸAttacktive Directory
      • Task 3 - Welcome to Attacktive Directory
      • Task 4 - Enumerating Users via Kerberos
      • Task 5 - Abusing Kerberos
      • Task 6 - Back to the Basics
      • Task 7 - Elevating Privileges within the Domain
      • Task 8 - Flag Submission Panel
    • ๐Ÿ’€Mr Robot CTF
    • ๐Ÿ›—Linux PrivEsc
    • ๐Ÿ›—Linux PrivEsc Arena [WIP]
    • ๐Ÿ›—Windows PrivEsc Arena
  • ๐ŸŸงDifficulty: Hard
    • ๐Ÿ˜Hacking Hadoop [WIP]
  • ๐ŸŸฅDifficulty: Insane
    • โ›บYou're in a cave [WIP]
  • Blank Room (Duplicate Me)
Powered by GitBook
On this page
  • Task 18 [Severity 5] Broken Access Control (IDOR Challenge)
  • Read and understand how IDOR works.
  • Deploy the machine and go to http://MACHINE_IP - Login with the username being noot and the password test1234.
  • Look at other users notes. What is the flag?
  1. Difficulty: Easy
  2. OWASP Top 10

Task 18 - Broken Access Control (IDOR Challenge)

PreviousTask 16 - XML External Entity - ExploitingNextTask 19 - Security Misconfiguration

Last updated 2 years ago

Task 18 [Severity 5] Broken Access Control (IDOR Challenge)

Read and understand how IDOR works.

No answer needed

Deploy the machine and go to http://MACHINE_IP - Login with the username being noot and the password test1234.

No answer needed

Look at other users notes. What is the flag?

HINT: The URL contains ?note=1 - I wonder what happens if you change the parameter value? You might be able to access another users note..

Reveal Flag

flag{fivefourthree}

๐ŸŸฉ
๐Ÿ
๐Ÿšฉ
๐Ÿšฉ