Finding the hidden function led to a $300 IDOR
March 29, 2024, 3:35 a.m. | M7arm4n
InfoSec Write-ups - Medium infosecwriteups.com
Hello folks 👋
Today I’m going to tell you a story about finding a beautiful BAC (broken access control) bug on a program, so fasten your seatbelt and sit tight.
The story behind the attack is that the attacker can still read the comments of a circle after the manager has removed him from it. Quite interesting, nah?!
So let’s get into the attack scenario:
- In the first step, we create two accounts, a manager and an attacker
- Then we login to our …