crash.software
Projects
Pull Requests
Issues
Builds
AllAboutBugBounty
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
List
Boards
Milestones
Builds
Statistics
Contributions
Source Lines
Child Projects
Projects
STRLCPY
AllAboutBugBounty
Commits
be9be332
🤬
Sign In
Added uuid bypass
Muhammad Daffa
committed with
GitHub
3 years ago
be9be332
1 parent
614ff9f0
Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)
Total 1 files
■ ■ ■ ■ ■ ■
Insecure Direct Object References.md
skipped 104 lines
105
105
GET /ADMIN/profile
106
106
```
107
107
108
+
11. Try to swap uuid with number
109
+
```
110
+
GET /file?id=90ri2-xozifke-29ikedaw0d
111
+
```
112
+
Try this to bypass
113
+
```
114
+
GET /file?id=302
115
+
```
116
+
108
117
Reference:
109
118
- [@swaysThinking](https://twitter.com/swaysThinking) and other medium writeup
119
+
All occurrences
Please wait...
Page is in error, reload to recover