How to Automate IDOR Testing Using Burp Suite
What is IDOR
IDOR stands for 'Insecure Direct Object Reference'. It is a security vulnerability in which a user is able to read or change data belonging to other users. IDOR occurs when the application exposes a direct reference to an internal object (for example a record ID in a URL or parameter) and then serves that object without checking that the requesting user is actually allowed to access it, which lets an attacker reach other users' data simply by supplying a different reference.
What is Burp Suite
Burp Suite is an intercepting proxy used to inspect, modify, analyse and in some cases inject traffic in the session between the client and the server.
How to configure Burp to find IDOR
Here we are going to use two Burp Suite extensions, AutoRepeater and Autorize, to find IDOR.
How to add AutoRepeater
To add AutoRepeater to your Burp Suite extensions list, first go to the Extender tab, then to the "BApp Store" sub-tab, find "AutoRepeater" and click Install. This adds an AutoRepeater tab to Burp Suite.
How to add Autorize
To add Autorize we need Jython, because the extension is written in Python. First open the "Extender" tab and navigate to the "Options" sub-tab. Under the Python environment settings, point Burp at your Jython standalone JAR file, which you can download from https://www.jython.org/download.html
After this you can simply add Autorize from the "BApp Store" in the same way.
After clicking on the Autorize tab you will see an interface like this:
Steps to check
- First log in with one account and capture a request
- Now copy that account's session cookies and headers and paste them into the cookie field in the Autorize tab
- Turn Autorize on
- Now navigate the web application from another user account. Burp will re-send each request with the cookies you provided and show the results colour-coded as follows:
1. Bypassed: red (the response for the second user matched the original, so authorization was not enforced)
2. Enforced: green (the response differed, so authorization was enforced)
3. Is enforced: yellow (Autorize could not decide and the pair of responses needs manual review)
The AutoRepeater interface is similar to Autorize's.
Steps to check
- Go to the AutoRepeater tab and click "Activate AutoRepeater"
- Now click Add and a screen like this will pop up
- Here you can select the type of request component you want to change
- Now put the string you want to change in the 'Match' column
- And the string you want to replace it with in the 'Replace' column
- Then click OK and start to explore the application again. AutoRepeater will apply the replacement to every matching request it sees and show you the modified request and its response like this:
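The two checks above (Autorize replaying a request with a second user's session, and AutoRepeater rewriting an object ID in your own request) can be modelled offline. The following is an added example written for this page, not code from Burp or from either extension: it builds a constructed in-memory "application" with a vulnerable and a fixed handler, and then runs both replay strategies against each. The `classify` verdicts mimic Autorize's three colours using status code and body similarity, which is a simplification of the extension's real enforcement detector. All names, routes, sessions and invoice records are constructed for the example.

```python
"""Offline model of the Autorize and AutoRepeater checks (added example).

Constructed data: two users, each owning one invoice record.
"""
from dataclasses import dataclass
import difflib
import re

# Constructed session store and object store (hypothetical values).
SESSIONS = {"sess-alice": "alice", "sess-bob": "bob"}
INVOICES = {
    "1001": ("alice", "Invoice 1001: Alice Corp, total 4200"),
    "1002": ("bob", "Invoice 1002: Bob Ltd, total 980"),
}
ROUTE = re.compile(r"/api/invoices/(\d+)")


@dataclass
class Request:
    path: str
    cookie: str


@dataclass
class Response:
    status: int
    body: str


def handle_vulnerable(req: Request) -> Response:
    """IDOR: looks the invoice up by ID only and never checks who owns it."""
    if req.cookie not in SESSIONS:
        return Response(401, "login required")
    m = ROUTE.fullmatch(req.path)
    if not m or m.group(1) not in INVOICES:
        return Response(404, "not found")
    return Response(200, INVOICES[m.group(1)][1])


def handle_fixed(req: Request) -> Response:
    """Same lookup, but the owner stored with the object must match the session user."""
    user = SESSIONS.get(req.cookie)
    if user is None:
        return Response(401, "login required")
    m = ROUTE.fullmatch(req.path)
    if not m or m.group(1) not in INVOICES:
        return Response(404, "not found")
    owner, body = INVOICES[m.group(1)]
    if owner != user:
        return Response(403, "forbidden")  # returning 404 here would also be acceptable
    return Response(200, body)


def classify(original: Response, replayed: Response) -> str:
    """Autorize-style verdict: red 'Bypassed', green 'Enforced', yellow 'Is enforced???'.

    Simplified detector: a different status code means enforced; the same status
    with a near-identical body means bypassed; anything in between is inconclusive.
    """
    if replayed.status != original.status:
        return "Enforced"
    ratio = difflib.SequenceMatcher(None, original.body, replayed.body).ratio()
    if ratio > 0.9:
        return "Bypassed"
    if ratio < 0.5:
        return "Enforced"
    return "Is enforced???"


def autorize_replay(handler, req: Request, other_cookie: str) -> str:
    """Autorize check: re-send the same request with a second user's cookie."""
    original = handler(req)
    replayed = handler(Request(req.path, other_cookie))
    return classify(original, replayed)


def autorepeater_replay(handler, req: Request, match: str, replace: str):
    """AutoRepeater check: rewrite a string in the request (here the object ID)
    and re-send it with the same session. Returns (original, modified) responses
    for side-by-side review, as the extension shows them."""
    original = handler(req)
    modified = handler(Request(req.path.replace(match, replace), req.cookie))
    return original, modified


if __name__ == "__main__":
    alice = Request("/api/invoices/1001", "sess-alice")
    for name, handler in (("vulnerable", handle_vulnerable), ("fixed", handle_fixed)):
        print(f"{name:10} Autorize     :", autorize_replay(handler, alice, "sess-bob"))
        _, mod = autorepeater_replay(handler, alice, "1001", "1002")
        print(f"{name:10} AutoRepeater : {mod.status} {mod.body}")
```

Running the script shows the vulnerable handler flagged as "Bypassed" by the Autorize-style replay and returning Bob's invoice to Alice's session under the AutoRepeater-style rewrite, while the fixed handler yields "Enforced" and a 403. The fix is the ownership comparison in `handle_fixed`: the object reference alone must never be treated as proof of authorization.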