Hello everyone,

Hope you are doing well. In this post I want to share my finding in a shopping website. As per their policy and rules I cannot reveal the website's name, so let's call it redacted.com.


An insecure direct object reference (IDOR) vulnerability occurs when an attacker can access or modify a reference to an object (a file, database record, account, etc.) that should be inaccessible to them, because the application trusts the identifier the client supplies instead of checking that the caller is authorized for that object. For example, when viewing your account on a website with private profiles, you might visit www.site.com/user=123. However, if you tried www.site.com/user=124
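To make the www.site.com/user=123 versus user=124 case concrete, here is an added example (not code from the original post or from redacted.com) modelling a profile endpoint: one handler looks the record up purely by the client-supplied id, the other binds the lookup to the authenticated session. The profile data, the Request stand-in and the function names are constructed for illustration.

```python
# Added illustration of the IDOR pattern described above; not from the post.
# The "database", Request class and handler names are constructed.
from dataclasses import dataclass
from typing import Optional

# Constructed sample of private profiles keyed by user id
PROFILES = {
    123: {"name": "Alice", "email": "alice@example.com"},
    124: {"name": "Bob", "email": "bob@example.com"},
}


@dataclass
class Request:
    """Minimal stand-in for an HTTP request: the user id bound to the
    session cookie (server-side, trusted) and the raw ?user= parameter
    from the URL (client-controlled, untrusted)."""
    session_user_id: int
    query_user_id: str


def view_profile_vulnerable(req: Request) -> Optional[dict]:
    """IDOR: the record is fetched by whatever id appears in the URL, so any
    logged-in user can read any profile just by changing the number."""
    try:
        uid = int(req.query_user_id)
    except ValueError:
        return None
    return PROFILES.get(uid)


def view_profile_fixed(req: Request) -> Optional[dict]:
    """Authorization check: the id in the URL must match the session user.
    The database lookup then uses the session id, so a forged id never
    reaches the store. A mismatch is answered like a missing record rather
    than a 403, to avoid confirming that the other id exists."""
    try:
        uid = int(req.query_user_id)
    except ValueError:
        return None
    if uid != req.session_user_id:
        return None
    return PROFILES.get(req.session_user_id)


def idor_probe(handler, attacker_id: int, victim_id: int) -> bool:
    """Regression check: log in as attacker_id, request victim_id's profile,
    and report whether the victim's record came back (True = vulnerable)."""
    resp = handler(Request(session_user_id=attacker_id,
                           query_user_id=str(victim_id)))
    return resp is not None and resp == PROFILES.get(victim_id)
```

The probe is the same test you run by hand during a bug hunt: authenticate as one account, swap the identifier for another account's, and see whether the response changes. Keeping it as code lets the fix be verified every time the endpoint changes.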

Image: Curling profile card

Curling is an intermediate-level retired machine on Hack The Box, and it's my first write-up of an HTB box, so feel free to correct me or ask/suggest anything (leave comments below).


The goal is to get two flags, from 'user.txt' and 'root.txt'.

So let’s get started ...


The IP address for the Curling machine is
The first step is to enumerate the machine as shown below:

nmap -sV -p- -T5
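The single nmap line above does a full-port scan with version probing at the most aggressive timing in one pass. An added example (not the write-up's own script) of the two-phase form most pentesters use instead: a fast full-port sweep written in grepable format, a parser that pulls out the open TCP ports, and a second, slower service scan restricted to those ports. The target address is assumed to be supplied as an argument (the page does not give it), and the grepable sample used for the parser is constructed. -T4 is used rather than -T5 because -T5 over a lab VPN can drop probes and quietly miss open ports.

```sh
#!/bin/sh
# Added example, not from the original write-up. Target address and output
# directory are assumed arguments; the sample -oG data below is constructed.

# Print the open TCP ports from an nmap grepable (-oG) file as "22,80,..."
open_ports_from_grepable() {
    # $1: path to the .gnmap file
    grep '^Host:' "$1" | sed -n 's/.*Ports: //p' | tr ',' '\n' \
        | sed -n 's#^ *\([0-9][0-9]*\)/open/tcp.*#\1#p' | paste -s -d, -
}

# Write a constructed grepable-output sample to $1 (for trying the parser
# offline; the host and ports are made up).
constructed_sample_gnmap() {
    printf '%s\n' \
        '# Nmap 7.80 scan initiated (constructed sample)' \
        'Host: 10.10.10.150 ()	Status: Up' \
        'Host: 10.10.10.150 ()	Ports: 22/open/tcp//ssh///, 80/open/tcp//http///, 443/closed/tcp//https///	Ignored State: closed (65532)' \
        '# Nmap done' > "$1"
}

# Two-phase enumeration: all 65535 TCP ports first, then -sV/-sC on the
# ports that were actually open. Usage: two_phase_scan <target> [outdir]
two_phase_scan() {
    target="$1"
    outdir="${2:-scan-$target}"
    mkdir -p "$outdir"
    # Phase 1: port discovery only, no version probes, grepable output.
    nmap -p- -T4 --min-rate 1000 -oG "$outdir/allports.gnmap" "$target" >/dev/null
    ports=$(open_ports_from_grepable "$outdir/allports.gnmap")
    if [ -z "$ports" ]; then
        echo "no open TCP ports found on $target" >&2
        return 1
    fi
    # Phase 2: version detection and default scripts on those ports only.
    nmap -sV -sC -p "$ports" -oN "$outdir/services.nmap" "$target"
}
```

Run it as `two_phase_scan <target>` once the IP is known; the parser works on any -oG file, so it can also be pointed at old scan output to rebuild a port list without rescanning.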


Ravindra Toshniwal

InfoSec Enthusiast | Believer | Hitting things to make them work | I speak lorem ipsum.
