Skip to content

TechKranti

CyberSecurity Revolution

Tag: mongodb

Structure Of a Mongo Object ID

IDOR through MongoDB Object IDs Prediction

August 25, 2020 Amey Anekar Bounty Hunting

Historically, system developers have been assigning auto-incrementing integer identifiers to database rows. This made it trivial to exploit IDORs. Just one vulnerability could allow exfiltration of all objects belonging to any user in the application. Same goes for delete or edit IDORs.

Continue reading

About Me

Hey There, I am Amey Anekar - Cyber Security Specialist with a passion for solving security problems even when resources are limited. I've been fortunate to develop a knack for gauging an organization's cyber security posture and helping them plan a transition towards becoming more resilient in the face of cyber threats. It's a privilege to be able to contribute to the field and assist organizations in safeguarding their digital assets. Get In Touch    

Search TechKranti

Top Posts & Pages

  • What is "Content-Type: application/x-protobuf": Protobuf Explained For Hackers
  • IDOR through MongoDB Object IDs Prediction
  • How I discovered an SSRF leading to AWS Metadata Leakage

Categories

  • Bounty Hunting
  • Chrome Extension Development
  • Cyber Security Gyaan
  • Cyber Security News & Updates
  • Malware Reports & Analysis
  • Programming
  • Secure Coding
  • Tips & Tricks

Follow Us

  • Facebook
  • Twitter
WordPress Theme: Mercia by ThemeZee.