The Dutch Hacker
idor tryhackme

IDOR on Tryhackme

This is the write up for the room IDOR on Tryhackme and it is part of the Jr Penetration Tester Path

Make a connection with VPN or use the attack box on Tryhackme site to connect to the Tryhackme lab environment.

Tasks IDOR

Task 1

1.1 What does IDOR stand for?

Answer: Insecure Direct Object Reference

Task 2

2.1 What is the Flag from the IDOR example website?

Click on the big green View Site
Click on Order Confirmation
Change the ID to 1000

IDOR on Tryhackme

The flag will reveal once you change the number 12345 to 1000 and press enter

Task 3

Read all that is in the task and you already know the answer

3.1 What is a common type of encoding used by websites?

Answer: base64

Task 4

4.1 Read all that is in the task and you already know the answer

Answer: MD5

Task 5

5.1 What is the minimum number of accounts you need to create to check for IDORs between accounts?

Answer: 2

Task 6

Read all that is in this task and press complete

Task 7

Start the machine attached to this room

Once started navigate to the correct URL with firefox given to you when the machine is full started mine was https://10-10-166-159.p.thmlabs.com

Click on customers and create an account by clicking on sign up here

Now that you are logged in click on your account

IDOR on Tryhackme

Press F12 to open the developer tools in firefox. Then click on the tab network. If you do not see anything then press reload

IDOR on Tryhackme

Click on the line where is saying customer?id=
Look at the URL on the right

Developers console with firefox

Now right click on the line and click on Edit and Resend

Resen json IDOR on Tryhackme

Edit the ID number to 1

Once send click on the line that was sent and you see the information in the response tab

resend json with firefox developers console

7.1 What is the username for user id 1?

Answer: adam84

7.2 What is the email address for user id 3?

USe the same technique but change the ID to 3

Resen json in firefox developers console
Developers json console resend
Answer: j@fakemail.thm

Most Popular Post

Sign Up

Signup today for free and be the first to get notified on new updates.
* indicates required

Follow Me

Most Popular Post

Contact Us