Broken Access Control
Explore broken access control vulnerabilities, including direct object access and directory traversal attacks. Understand how to prevent unauthorized access by deterring URL probing and enforcing strict authorization checks. Learn techniques to secure file uploads and avoid information leakage, improving the security of distributed systems.
Direct object access
Broken access control refers to application problems that allow attackers to access data they shouldn’t. This can include other users’ data or system-level data like password files.
One of the most common forms of broken access control is direct object access, also known as an insecure direct object reference (IDOR). It happens when a URL carries an internal identifier, typically a database primary key, as a path segment or query parameter, and the server uses that value to fetch the record without checking that the caller is allowed to see it. An attacker sees the ID in the request, changes it, and starts probing for other values.
Because database IDs are usually assigned sequentially, scanning for other users' records is trivial: the attacker just counts up or down from a known value. For example, suppose a warehouse management system uses the customer's ID to display a report of shipments. An attacker who is customer 1001 can request the report for 1002, 1003, and so on, and see what goods are en route for every other customer. The fix has two parts: reducing the value of URL probing, and, more importantly, checking authorization to the object on every request.
Deter URL probing
We can make it harder to find interesting values. First, don't use database IDs in URLs. Instead, generate unique but non-sequential identifiers (a random token or a UUIDv4, for instance) and map them back to the internal key on the server. An attacker can still probe the ID space, but with 122 or more bits of randomness the odds of hitting a real identifier are negligible. This is a mitigation, not a substitute for the authorization check: URLs leak through browser history, Referer headers, proxy and server logs, and shared links, so a valid identifier in the wrong hands must still be refused if the requester doesn't own the object. Another approach is to use a generic URL that is ...
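The following is an added example, not code from the original page, that puts the warehouse scenario above into running Python. It shows the vulnerable lookup that trusts the customer ID from the URL, the sequential probing an attacker performs against it, the hardened lookup that checks ownership before returning anything, and the second defence of minting random public identifiers that map back to the internal key. The shipment data, the `User` type, and every function name are constructed for this illustration.

```python
import secrets
from dataclasses import dataclass
from typing import Callable, Dict, List


class Forbidden(Exception):
    """Raised when the caller is not authorized for the requested object."""


@dataclass
class User:
    username: str
    customer_id: int  # the customer account this login belongs to


# Constructed sample data: shipment reports keyed by sequential customer ID,
# the way a system that exposes ?customer=1001 in its URLs would store them.
SHIPMENTS: Dict[int, List[str]] = {
    1001: ["pallet of widgets"],
    1002: ["crate of gadgets", "drum of solvent"],
    1003: [],
}


def shipments_vulnerable(customer_id: int) -> List[str]:
    """The broken pattern: whatever ID arrives in the query string is looked
    up, with no check that the caller may see that customer's data."""
    return SHIPMENTS[customer_id]


def probe_sequential(start: int, count: int) -> Dict[int, List[str]]:
    """What an attacker does against the vulnerable endpoint: count through
    IDs and keep every one that returns a report."""
    found: Dict[int, List[str]] = {}
    for cid in range(start, start + count):
        if cid in SHIPMENTS:
            found[cid] = shipments_vulnerable(cid)
    return found


def shipments_checked(current_user: User, customer_id: int) -> List[str]:
    """Hardened lookup: the record is returned only if it belongs to the
    authenticated user. The ID is still guessable; the check is what stops
    the attack, so it runs before any data is touched."""
    if customer_id != current_user.customer_id:
        raise Forbidden(f"{current_user.username} may not view customer {customer_id}")
    return SHIPMENTS[customer_id]


# Second defence: keep the sequential key out of the URL entirely. Each
# customer gets a random public token; the server maps it back internally.
# secrets.token_urlsafe(16) yields 128 bits of randomness, so counting
# through the token space is hopeless, unlike counting up from 1001.
PUBLIC_IDS: Dict[str, int] = {}


def mint_public_id(customer_id: int) -> str:
    token = secrets.token_urlsafe(16)
    PUBLIC_IDS[token] = customer_id
    return token


def shipments_by_public_id(current_user: User, token: str) -> List[str]:
    """Opaque identifier plus ownership check. An unknown token and another
    user's token are refused identically, so the response never confirms
    whether a guessed token exists."""
    customer_id = PUBLIC_IDS.get(token)
    if customer_id is None or customer_id != current_user.customer_id:
        raise Forbidden("no shipment report with that identifier for this user")
    return SHIPMENTS[customer_id]


def is_denied(fn: Callable, *args) -> bool:
    """True if the call is refused with Forbidden, False if it returns data."""
    try:
        fn(*args)
    except Forbidden:
        return True
    return False


if __name__ == "__main__":
    alice = User("alice", 1001)
    print("attacker's sequential probe:", probe_sequential(1000, 5))
    print("alice, own report:", shipments_checked(alice, 1001))
    print("alice, customer 1002 denied:", is_denied(shipments_checked, alice, 1002))
    token = mint_public_id(1001)
    print("alice via opaque id:", shipments_by_public_id(alice, token))
```

The sequential probe succeeds against `shipments_vulnerable` because nothing ties the requested ID to the session. `shipments_checked` closes the hole on its own; `shipments_by_public_id` adds the opaque identifier on top but keeps the same ownership test, which is the point of the caveat above.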