Hello everyone,

Hope you are doing well. In this post I want to share my finding in a shopping website. As per their policy and rules I cannot reveal the website’s name, so let’s call it redacted.com.

Introduction:

An insecure direct object reference (IDOR) vulnerability occurs when an attacker can access or modify a reference to an object, such as a file, database record, account, etc., which should actually be inaccessible to them. For example, when viewing your account on a website with private profiles, you might visit www.site.com/user=123. However, if you tried www.site.com/user=124


Curling Profile Card

Curling is an intermediate-level retired machine on Hack The Box, and it's my first write-up on an HTB box, so feel free to correct me or ask/suggest anything (leave comments below).

Task:

To get two flags from ‘user.txt’ and ‘root.txt’.

So let’s get started ...

Enumeration:

The IP address for the Curling machine is 10.10.10.150. The first step is to enumerate the machine as shown below:

nmap -sV -p- -T5 10.10.10.150

About

Ravindra Toshniwal

InfoSec Enthusiast | Believer | Hitting things to make them work | I speak lorem ipsum.
