How I made 1k in a day with IDORs! (10 Tips!)

Подписаться 80 тыс.

Просмотров 50 тыс.

50% 1

IDORs are some of my favourite bugs, I love their simplicity and the large range of impacts a single bug can cause from mediums to highs! They're also a great beginner bug and also my first bug, so I think they're a great place to get started with Bug Bounty in 2020/2021. However, I know a few people find them difficult bugs so I wanted to share my top 10 tips for IDOR hunting and how I find IDORs reliably and quickly.
Did you know this episode was sponsored by Intigriti? Sign up with my link go.intigriti.com/katie I'm so pleased with everyone's positive response to the Intigriti sponsorship and I'm so pleased you folks are finding bugs and even finding your first bugs! Thank you for being awesome!
- Social Media -
Discord: / discord
Patreon: / insiderphd
Twitter: / insiderphd
- Patreon Shoutouts -
Penny
MechaInfoSec
Wardell Castles
rl1k
strongbeard
Gynvael
Ram
James Clee

Развлечения

Опубликовано:

12 июл 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 142

@santiagosurt3825 Год назад

i absolutly love this video, sharing your methodology is gold valuable for begginers! thanks!

@nathangriffiths8809 3 года назад

Great video Katie!! Cheers!

@dhyeychoksi5178 3 года назад

Yo I was hoping today to watch your earlier IDOR video for some hacking hints for IDOR and you uploaded another one :)) Thankssss! Love your content

@mr.kn0w1t4ll2 3 года назад

Yay, another Insiderphd video !!

@InsiderPhD 3 года назад

Sorry! Been moving it’s super stressful 🙏🙏

@popo_hack Год назад

This is really fruitful content specially when sharing those kind of information. Also when you try to get your first bug it can be little bit hard at beginning. So THANK YOU for giving us your knowledge 😎

@InsiderPhD Год назад

It IS hard, I think what sets out people who don't find a bug and people who do is literally just perseverance. You get more skilled over time but initially all you have is luck, so you've gotta keep trying!

@popo_hack Год назад

@@InsiderPhD Hello again, I am very happy to annonce you that I already found my first bug few days ago on Hacker101 Private Program. I want to thank you for your videos and for sharing your knowledge with us. Happy Hack ^^

@Aya11_Gwen Год назад

@@popo_hackwhat bug is he，How long did it take you to find this bug, I haven't harvested for four months.

@SrRunsis 2 года назад

Mesmerizing content Kate! Thanks :)

@EzequielOsorio 3 года назад

Super informative! Looking to start doing bug bounties; I think this has solidified IDOR’s as a good start.

@mahmoudadel197 Год назад

How did it go?

@Brutalslayer69 Месяц назад

Did u get good at it ??

@hermajaystey Год назад

I appreciate your content so much! And thank you for sharing your bugs with us lol

@llmpixart 3 года назад

marvelous! Thank you for the upload.

@stash1285 Год назад

Amazing! by the sound of it you are very young but alot of teachers could be jealous of your teaching skills ! Good job

@rajatdutta8365 3 года назад

Thanks for sharing. Waiting for more.

@SecurityGau 3 года назад

Great Video for Beginners Katie keep it up.

@jamesgaray7625 2 года назад

Thank you !!! for always making good videos

@sIightIybored 3 года назад

Great Video!

@franz3810 9 месяцев назад

thank u Dr for these videos!

@diegogomes7179 Год назад

Awesome job!!!

@ITHD1 Год назад

Thanks for ur great efforts 🔥

@eduarddd7 3 года назад

thanks Katie!

@ultronhack8151 3 года назад

Just love the way u present, Love from Bangladesh

@hoangsatfe Год назад

Thank you so much. I really love video for you!

@ch1nmqy132 3 года назад

I just started IDORS

@mageshsal1015 3 года назад

Hyy you've given me a good idea for how to look for bugs, since my findings all are duplicate 😅

@ashleypursell9702 3 года назад

awesome video once again, thanks for the secret sauce

@quicktutorials7662 2 года назад

Thank you!

@noelomondi4849 3 года назад

Do you mind sharing a spreadsheet with some of your testcases? That would be helpful for us beginners

@bradleyadleman2404 3 года назад

Great video, thanks for sharing your methodology, it's very helpful!

@smitpatel5868 3 года назад

thanks katie

@Mohsinkhan-bh7py 3 года назад

Awesome keep it up :)

@sirgesound 3 года назад

Love the instruction in your videos..🙂👍🏽👨🏾‍💻

@groeneappel7842 3 года назад

YEEYYY IDORS, I've been focusing on Idors for my first bug s

@animazing1002 3 года назад

Have you found one yet?

@groeneappel7842 3 года назад

@@animazing1002 only a dupe

@zoroatokpas8761 3 года назад

@@groeneappel7842 still you found < cheers

@vukovic1756 2 года назад

did you find any yet

@ronetteprinsloo5048 3 года назад

I hope I can one day be good enough to find some bugs 😅

@InsiderPhD 3 года назад

Practice, practice, practice. Never stop learning, always try to hack and I’m sure you’ll find something!

@lp4969 2 года назад

We're all on the same train let's keep the grind!!

@mahmoudadel197 Год назад

How did it go?

@Frawkesish Год назад

@@mahmoudadel197how's it going for you ? 😅

@starlox0 5 месяцев назад

Me too

@WebWonders1 Год назад

Really appreciate

@davidt01 3 года назад

I found an IDOR + XSS vulnerability, but it was a duplicate :(

@InsiderPhD 3 года назад

Aww that sucks, hopefully you’ll be first next time!

@INJECTED29 3 года назад

Got a bug yass Got a dupe yaaasss Keep trying it will get better with time

@jeffer746 3 года назад

@-メAjax he's probably be a prime suspect in the crime since he literally went to the devs and told them he knows this exploit

@quicktutorials7662 2 года назад

You should be happy about finding it, no matter whether you were the first or not. Well done!

@user-oo4on5lg9m 3 месяца назад

A new subscriber

@faique2995 3 года назад

loved it

@mohittirkey7889 3 года назад

Amazing video Katie specially with those doodles and animations texts, I wanted to ask for test case-4 i.e Firefox Containers , if there is an IDOR with exchanging cookies , how will the attacker steal those cookies from the user until and unless its a XSS . As I submitted 1 bug using the cookies and it was closed as N/A as the triage team asked how the cookies will be stolen from the user.

@InsiderPhD 3 года назад

In this case we use the cookies of account A to make changes to something owned by account B, showing that any user could affect any other user. Sorry if this is unclear it’s a quick way to test if we logged into one account if we could make changes on another! I will make this clearer in a future upcoming video! But to use your example this is a great example of when bug chains can be key to getting a high severity, by, as you say using an XSS, which can be chained into a full account takeover!

@mrvDn 2 года назад

@@InsiderPhD hii Ive got the same question from twitter, asking me how you would get the cookie and csrf token of the victim..

@Rashedulcss 3 года назад

Awesome...!

@7he7hief95 3 года назад

Katie i love your style. *mau

@psm876 3 года назад

Inspired by you... Been a week finding idors... Didn't found any😅 but still looking... I just hope find one soon... Starting to lose motivation...🤒

@no1sploit529 3 года назад

Any Updates?

@aswincp4053 3 года назад

While doing subdomain enumeration, i got 502 error from cloudfront .Is it possible to do a subdomain takeover in this case?

@MooshNj 3 года назад

Kindly create a video about hunting IDORs with Burp Suite Autorize extension

@Stinky_room 3 года назад

Can you explain what you mean when you say endpoint? Do you mean the functionality of the webpage? (Update, delete, add, etc..) Or do you mean like a physical device like a server?

@InsiderPhD 3 года назад

Endpoint in this case is URL that does something, now years ago this would mean a file that exists but modern web apps use something called routing so each URL doesn’t necessarily map to a file, hence calling them endpoints

@AhmedSalah-fi3dt 3 года назад

Hello Katie, if changing session_id user (a) with session_id with user (b) shows his inbox, is it an IDOR?

@monishbasaniwal1687 3 года назад

Nope, session IDs in itself are authentication tokens hence that is just how the website works. Hare supplying As credentials to B

@fahadfaisal2383 2 года назад

I am 15 . Trying to get my first bounty. Wish you have great days ahead.

@dev__004 Год назад

Found anybug?

@fahadfaisal2383 Год назад

@@dev__004 bugs for 3k

@dev__004 Год назад

@@fahadfaisal2383 I started 1 yr ago and learned fpr 2 months stopped and started now again and got 3 duplicates. Any tips for me brother

@fahadfaisal2383 Год назад

Brother, I am not that pro to give advice to you, but I need to automate your tasks avoid duplicates.

@dev__004 Год назад

@@fahadfaisal2383 got any social media handles and also can u mention some of the tools u use. Thank you brother

@akasJha 3 года назад

the chuckles behind base64

@DEADCODE_ Год назад

I love you dude

@nelly4921 3 года назад

Do you mind sharing a sample of the spreadsheet you use cross out what you've

@TheDamoo91 3 года назад

Katie I'm new at this. I found in my first week a bug that has no real impact (from my point of view). Changing the parameters on a "delete user request form" from user "A", putting the ID of user "B", it sends the "confirmation to delete user B" mail to user "B". But user B can ignore this mail and nothing happens. Should I report this?

@InsiderPhD 3 года назад

No, this is expected- User B doesn’t have to action it and since it sends an email that provides another layer of security

@bharathpatel1757 3 года назад

Hi dhidhi ! I started learning about bugbounty from last 3 months I'm on full swing on this thing started doing labs on websecurity academy but i am so afraid dhidhi like to do this things like I am afraid of getting caught . After learning everything Can I implement same thing in intigriti platform and other bug hunting platform ? Is that same what I learnt from web security academy ?? I'm afraid to start hunting in intigriti please suggest some tips to how to stay safe in this ride please

@thebrotherhood1675 3 года назад

whats the process of contacting the company, they obv must have a VDP in place? (if so, is there a list of companies with VDPs out there that you go through?) and then you simply contact the company and send a report of the vulnerability you have found? also how is payment amount decided? (are the details stipulated in their vdp?) thanks for the vid :)

@InsiderPhD 3 года назад

I would only hack on bug bounty platforms like Intigriti, HackerOne, BugCrowd or Synack- simply because it’s 100% legal and safe. For a list of VDPs try disclose.io

@0x1h0b 3 года назад

Hey katie.. your videos are amazing ! ....... can you please share the slides? ... thank you

@buggyn5979 11 месяцев назад

Cute doodles:)

@Abhi-kp1fs 3 года назад

Hello, I have a doubt At 8:10 , you need to have access to two cookies so it can only work if both accounts are owned by you right? Is that a vulnerability? Because you are accessing your own account then right?

@InsiderPhD 3 года назад

Yeah, but what we're demonstrating is that we can do something User A's account, while logged onto to User B, so we could use the vulnerability to change any account. We use 2 accounts we own because usually program rules forbid you from accessing any other users account but ones you create. Hope that helps!

@Abhi-kp1fs 3 года назад

Thank you for the reply! But for this to be a potential threat, wouldn't an attacker need to know the victim's cookie?

@InsiderPhD 3 года назад

No because we swap the cookies: Step 1: perform an action on User As account Step 2: repeat or intercept the request Step 3: Change the cookie from User As to User Bs Step 4: Did it work? If yes it’s an IDOR We never use User As cookie apart from to do the action to capture the request in Burp, then we replace it to simulate an IDOR

@Abhi-kp1fs 3 года назад

Oh okay now i understand. Thank you for clarifying! 🙂

@davidg9469 3 года назад

Have you seen the new INE cyber pass? What's your thoughts on it?

@InsiderPhD 3 года назад

I had not seen it, I googled it, here is my reaction: "Oh buy a year get another free? That's pretty good, how much does it cost- JESUS CHRIST that's expensive"

@InsiderPhD 3 года назад

At that price point you're better looking at more established qualifications that specialise you, rather than trying to take every certification you can

@AjayKumar-xl4jc 3 года назад

>super content (nice$

@Safvanviber-xm3pn 10 месяцев назад

Vertical privilege escalation 😌

@Alexander007A Год назад

i fully understand the idor concept but i didn't know where i can put my practical skills?? how i will find bugs? where i can find it? which website i will use for it? no youtube channel tells us how to find actually>>>>

@InsiderPhD Год назад

Large API! Yahoo, tumblr uber, open sea etc just look for APIs on HackerOne

@Alexander007A Год назад

@@InsiderPhD Well thank you ma'am.. I'm now learning it.. but can you make a video about it how to find IP in Website through hacker one please coz I'm almost done just need one step closer to real world

@cyberpirate007 3 года назад

Got an Heart Attack after seeing this video template.... Thank God I'm Alive now x_x

@nishant8880 3 года назад

IDOR...IDOR....IDOR.... HODOR!! edit: this was so offtopic, but I couldn't resist.

@youtubeuser7717 3 года назад

Why?

@mujtabam265 2 года назад

Please pin the recommended prerequesites in comment or somewhere! ( 1:58 )

@shanehonor2423 3 года назад

I'm a 20 yrs old BSIT student, but only know "hello world". 😔 I really want to learn things like this, but it's so hard.

@andreslauga 3 года назад

It's difficult until it's not! So keep pushing! :)

@robinhood3841 3 года назад

There are nothing that you cant do We all describe any thing we dont know as a hard thing, untill you know it and understand it you will laugh about your self in the past

@shanehonor2423 3 года назад

Thank you so much😊❤️

@malikimranawan3762 3 года назад

love from Pakistan

@alph4byt3 3 года назад

we shouldn't forget about the IDOR that weev found in AT&T Ipads that landed him in Jail

@killabite620 3 года назад

What happened to that guy

@tealeaf9260 3 года назад

@@killabite620 He's been involved with The Daily Stormer. Far-right, antisemitic, white-supremacist stuff, basically.

@quartz6463 Год назад

Finally a non-Indian guy on RU-vid :D

@aswincp4053 3 года назад

What are the most common vulnerability that gets paid?

@InsiderPhD 3 года назад

HackerOne publishes that data! They posted this in the last few days: www.hackerone.com/top-ten-vulnerabilities Currently XSS is on top, followed by Improper Access Control and Information Disclosure. But the thing to look for is % change, that tells you which bugs are becoming more common: Improper Access Control, SSRFs and IDOR might be the bugs to keep an eye out for in the next few years!

@aswincp4053 3 года назад

@@InsiderPhD IDORS are hard to find 😵most probably all of them look for those.

@theologos3705 3 года назад

Idor with cookies is out of scope for the most companies?

@InsiderPhD 3 года назад

It shouldn’t be? It’s just a easier way to demonstrate an IDOR exists

@rafinrahmanchy 3 года назад

Is it worth to find IDORs nowaday?

@InsiderPhD 3 года назад

I found 2 IDORs a month ago for $500 + $250 :)

@rafinrahmanchy 3 года назад

@@InsiderPhD it mostly depend on luck. Since it's easy to find and exploit, it's hard to find. There's high chance of getting duplicate for such basic vulnerabilities.