Advertisement
Information Security Session (IDOR) - Null Meet Chennai
Information Security Session (IDOR) - Null Meet Chennai
Information Security Session (IDOR) - Null Meet Chennai
Information Security Session (IDOR) - Null Meet Chennai
Information Security Session (IDOR) - Null Meet Chennai
Information Security Session (IDOR) - Null Meet Chennai
Information Security Session (IDOR) - Null Meet Chennai
Information Security Session (IDOR) - Null Meet Chennai

Check these out next

The Dungeons & Dragons Guide to Marketing
The Dungeons & Dragons Guide to Marketing
Ian Lurie
How You Can Change the World
How You Can Change the World
24Slides
signmesh snapshot - the best of sustainability
signmesh snapshot - the best of sustainability
signmesh
The Science of a Great Career in Data Science
The Science of a Great Career in Data Science
Kate Matsudaira
The ABC’s of Living a Healthy Life
The ABC’s of Living a Healthy Life
Dr. Omer Hameed
CAREER FORWARD - THE TOOLS YOU NEED TO START MOVING
CAREER FORWARD - THE TOOLS YOU NEED TO START MOVING
Kelly Services
Top 5 Skills for Project Managers
Top 5 Skills for Project Managers
LinkedIn Learning Solutions
Mind-Blowing Facts About National Parks
Mind-Blowing Facts About National Parks
Ethos3
1 of 8

Information Security Session (IDOR) - Null Meet Chennai

Jul. 24, 2017
Download to read offline
Education

Insecure Direct Object Reference - IDOR

Vignesh Chandrasekaran
CEO - Vault Infosec at Vault Infosec
Advertisement
Advertisement
Advertisement

Recommended

The Student's Guide to LinkedInThe Student's Guide to LinkedIn
The Student's Guide to LinkedInLinkedIn78.4K views25 slides
Different Roles in Machine Learning CareerDifferent Roles in Machine Learning Career
Different Roles in Machine Learning CareerIntellipaat9.5K views22 slides
Defining a Tech Project Vision in Eight Quick Steps pdfDefining a Tech Project Vision in Eight Quick Steps pdf
Defining a Tech Project Vision in Eight Quick Steps pdfTechSoup 7.6K views16 slides
The Hero's Journey (For movie fans, Lego fans, and presenters!)The Hero's Journey (For movie fans, Lego fans, and presenters!)
The Hero's Journey (For movie fans, Lego fans, and presenters!)Dan Roam27.4K views14 slides
10 Inspirational Quotes for Graduation10 Inspirational Quotes for Graduation
10 Inspirational Quotes for GraduationGuy Kawasaki300.7K views11 slides
The Health Benefits of DogsThe Health Benefits of Dogs
The Health Benefits of DogsThe Presentation Designer 33.4K views31 slides

More Related Content

Recently uploaded(20)

sst lesson plan shivani.pptxsst lesson plan shivani.pptx
sst lesson plan shivani.pptx
DEEPAKKUMAR9902360 views
Values and Underlying Beliefs.docxValues and Underlying Beliefs.docx
Values and Underlying Beliefs.docx
write50 views
Understanding and challenging behaviours.docxUnderstanding and challenging behaviours.docx
Understanding and challenging behaviours.docx
write50 views
Traumatic Brain Injury Care Report.docxTraumatic Brain Injury Care Report.docx
Traumatic Brain Injury Care Report.docx
write50 views
Utilize Interface Yet Complex.docxUtilize Interface Yet Complex.docx
Utilize Interface Yet Complex.docx
write50 views
Vehicle maintainance.docxVehicle maintainance.docx
Vehicle maintainance.docx
write50 views
Ensuring health and safety in civil engg project- Aswathy Asokan Sreelatha- L...Ensuring health and safety in civil engg project- Aswathy Asokan Sreelatha- L...
Ensuring health and safety in civil engg project- Aswathy Asokan Sreelatha- L...
Aswathy Asokan0 views
Updated.docxUpdated.docx
Updated.docx
write50 views
Utopia.docxUtopia.docx
Utopia.docx
write50 views
Topic related to Fire health and safety resourses.docxTopic related to Fire health and safety resourses.docx
Topic related to Fire health and safety resourses.docx
write50 views
Unit II Discusion.docxUnit II Discusion.docx
Unit II Discusion.docx
write50 views
TU Week 3 Quality Management Systems Discussion.docxTU Week 3 Quality Management Systems Discussion.docx
TU Week 3 Quality Management Systems Discussion.docx
write50 views
TWO PART Interdisciplinary Plan Proposal.docxTWO PART Interdisciplinary Plan Proposal.docx
TWO PART Interdisciplinary Plan Proposal.docx
write50 views
VARIOUS CLAIMANTS v LATIMER HOTELS GROUP LIMITED Counsel is instructed.docxVARIOUS CLAIMANTS v LATIMER HOTELS GROUP LIMITED Counsel is instructed.docx
VARIOUS CLAIMANTS v LATIMER HOTELS GROUP LIMITED Counsel is instructed.docx
write50 views
Two Couples Would Get.docxTwo Couples Would Get.docx
Two Couples Would Get.docx
write50 views
A Laboratory Literacy Course for Fifth Graders before Formal Learning of Scie...A Laboratory Literacy Course for Fifth Graders before Formal Learning of Scie...
A Laboratory Literacy Course for Fifth Graders before Formal Learning of Scie...
LalitKishore180 views
University of the Cumberlands Project Management Worksheet.docxUniversity of the Cumberlands Project Management Worksheet.docx
University of the Cumberlands Project Management Worksheet.docx
write50 views
Using the theory of unpleasant symptoms as a what would.docxUsing the theory of unpleasant symptoms as a what would.docx
Using the theory of unpleasant symptoms as a what would.docx
write50 views
UML Management Project Skills and Customer Interface Questions.docxUML Management Project Skills and Customer Interface Questions.docx
UML Management Project Skills and Customer Interface Questions.docx
write50 views
Values and Economics.docxValues and Economics.docx
Values and Economics.docx
write50 views

Featured(20)

The Dungeons & Dragons Guide to MarketingThe Dungeons & Dragons Guide to Marketing
The Dungeons & Dragons Guide to Marketing
Ian Lurie15.6K views
How You Can Change the WorldHow You Can Change the World
How You Can Change the World
24Slides57.4K views
signmesh snapshot - the best of sustainabilitysignmesh snapshot - the best of sustainability
signmesh snapshot - the best of sustainability
signmesh9.4K views
The Science of a Great Career in Data ScienceThe Science of a Great Career in Data Science
The Science of a Great Career in Data Science
Kate Matsudaira38.1K views
The ABC’s of Living a Healthy LifeThe ABC’s of Living a Healthy Life
The ABC’s of Living a Healthy Life
Dr. Omer Hameed1.1M views
CAREER FORWARD - THE TOOLS YOU NEED TO START MOVINGCAREER FORWARD - THE TOOLS YOU NEED TO START MOVING
CAREER FORWARD - THE TOOLS YOU NEED TO START MOVING
Kelly Services2.8K views
Top 5 Skills for Project ManagersTop 5 Skills for Project Managers
Top 5 Skills for Project Managers
LinkedIn Learning Solutions22.8K views
Mind-Blowing Facts About National ParksMind-Blowing Facts About National Parks
Mind-Blowing Facts About National Parks
Ethos343.2K views
8 Easy Ways to Relieve Stress At Work (Backed By Science)8 Easy Ways to Relieve Stress At Work (Backed By Science)
8 Easy Ways to Relieve Stress At Work (Backed By Science)
True Stress Management2.7K views
ChatGPT What It Is and How Writers Can Use It.pdfChatGPT What It Is and How Writers Can Use It.pdf
ChatGPT What It Is and How Writers Can Use It.pdf
Adsy31.6K views
Pixar's 22 Rules to Phenomenal StorytellingPixar's 22 Rules to Phenomenal Storytelling
Pixar's 22 Rules to Phenomenal Storytelling
Gavin McMahon4.7M views
2022 Women in the Workplace Briefing2022 Women in the Workplace Briefing
2022 Women in the Workplace Briefing
McKinsey & Company22.8K views
10 Steps great leaders take when things go wrong10 Steps great leaders take when things go wrong
10 Steps great leaders take when things go wrong
GetSmarter82.7K views
Forgotten women in tech history.Forgotten women in tech history.
Forgotten women in tech history.
Domo143.5K views
A Product Manager's JobA Product Manager's Job
A Product Manager's Job
joshelman806.9K views
Top 10 Tips for Getting a Good Night's SleepTop 10 Tips for Getting a Good Night's Sleep
Top 10 Tips for Getting a Good Night's Sleep
Dana-Farber Cancer Institute50.3K views
The Road to Financial WellnessThe Road to Financial Wellness
The Road to Financial Wellness
Experian_US10.2K views
24 Time Management Hacks to Develop for Increased Productivity24 Time Management Hacks to Develop for Increased Productivity
24 Time Management Hacks to Develop for Increased Productivity
Iulian Olariu1.9M views
GO BRAND YOURSELF. How to land a job with personal branding in 5 stepsGO BRAND YOURSELF. How to land a job with personal branding in 5 steps
GO BRAND YOURSELF. How to land a job with personal branding in 5 steps
Lorenzo Galbiati196K views
Trillion Dollar Coach Book (Bill Campbell)Trillion Dollar Coach Book (Bill Campbell)
Trillion Dollar Coach Book (Bill Campbell)
Eric Schmidt2M views
Advertisement

Information Security Session (IDOR) - Null Meet Chennai

  1. IDOR Vignesh Chandrasekeran https://www.linkedin.com/in/vignesh-c-76539854/ https://twitter.com/thevickyvigi
  2. IDOR – Common Mistakes
  3. What to Verify ? 1. For direct references to restricted resources, the application needs to verify the user is authorized to access the exact resource they have requested. 2. If the reference is an indirect reference, the mapping to the direct reference must be limited to values authorized for the current user.
  4. Simple find !!! Huge data Leak !!!
  5. My Record
  6. Change ID , Job Done!!!
  7. Simple Remediation Ø Using per-session of per-user indirect references Ø Checking access rights for direct references
  8. Finally we are Done!!
Advertisement