Curriculum
Course: Cyber Security
Eve

Eve can read Alice's documents by changing an identifier, such as the document id passed as a REST parameter, because the web application never checks that the requesting user is authorized for that particular object. This missing object-level authorization check (an insecure direct object reference) lets an attacker enumerate identifiers and retrieve other users' data.

// Vulnerable: the id comes straight from the request and is looked up as-is.
$id = getInputFromUser();
$doc = getDocument($id);   // no check that the current user may read $id
return $doc;

The code above takes the identifier from the request and passes it straight to getDocument without any check. Note that the flaw is not a missing validation or sanitization step: a well-formed id that happens to belong to another user passes any format check and is still returned. What is missing is an authorization check that ties the requested object to the authenticated user. A more secure implementation checks the user's right to that specific document before performing the lookup:

$id = getInputFromUser();
$user = findUsername();   // identity from the authenticated session, never from the request
$doc = "";
if (hasAccessToDocument($user, $id)) {   // object-level check: may $user read this $id?
  $doc = getDocument($id);
} else {
  $doc = "Not authorized for this document";
}
return $doc;

Vulnerabilities of this nature are trivial to exploit: the attacker only has to change a number in a request to receive another user's data. The fix is to perform the authorization check on every object access, server-side, with the user's identity taken from the session rather than from the request. Two caveats are worth adding. Replacing sequential ids with random ones (UUIDs, for example) makes guessing harder but does not remove the need for the check. And the denied branch should return the same response as a non-existent document, so the application does not confirm which ids exist.
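As an added example (not code from the lesson), here is the same check-before-lookup pattern in Python with an in-memory document store standing in for getDocument. The users, documents and helper names (parse_document_id, has_access_to_document, fetch, NotFound) are all constructed for this example; in a real application the value passed as session_user must come from the authenticated session. The example validates the id as an integer to show that validation alone does not stop Eve, and it answers a denied request exactly like a missing document so that the endpoint does not leak which ids exist.

```python
"""Object-level authorization for a document lookup.

Added example, not the lesson's own code. All users and documents below are
constructed sample data; session_user is assumed to come from a verified session.
"""
from dataclasses import dataclass, field


@dataclass
class Document:
    doc_id: int
    owner: str
    body: str
    shared_with: frozenset = field(default_factory=frozenset)


# Constructed sample data: Alice owns 1001 and 1002 (1002 shared with Carol);
# Bob owns 1003 and has shared it with Eve. Sequential ids make guessing trivial.
DOCUMENTS = {
    1001: Document(1001, "alice", "Alice's private notes"),
    1002: Document(1002, "alice", "Alice's tax return", frozenset({"carol"})),
    1003: Document(1003, "bob", "Bob's project plan", frozenset({"eve"})),
}


class NotFound(Exception):
    """Raised for 'no such document' and for 'not yours' alike, so the
    response cannot be used as an oracle for which ids exist."""


def parse_document_id(raw: str) -> int:
    """Input validation only: the id must be a positive integer.
    This is necessary hygiene but does nothing against IDOR, because
    another user's valid id is still a valid integer."""
    if not raw.isdigit():
        raise NotFound()
    return int(raw)


def get_document_vulnerable(raw_id: str) -> str:
    """Mirror of the lesson's first snippet: validated id, no authorization."""
    doc_id = parse_document_id(raw_id)
    doc = DOCUMENTS.get(doc_id)
    if doc is None:
        raise NotFound()
    return doc.body  # anyone who knows or guesses the id gets the document


def has_access_to_document(user: str, doc_id: int) -> bool:
    """Object-level check: the owner and anyone it is shared with may read it."""
    doc = DOCUMENTS.get(doc_id)
    if doc is None:
        return False
    return user == doc.owner or user in doc.shared_with


def get_document(session_user: str, raw_id: str) -> str:
    """Mirror of the lesson's second snippet: authorize before returning.
    session_user is assumed to be taken from the authenticated session."""
    doc_id = parse_document_id(raw_id)
    if not has_access_to_document(session_user, doc_id):
        raise NotFound()
    return DOCUMENTS[doc_id].body


def fetch(session_user: str, raw_id: str) -> tuple:
    """The (status, body) pair a request handler would send. Denied and
    missing documents are indistinguishable to the caller."""
    try:
        return 200, get_document(session_user, raw_id)
    except NotFound:
        return 404, "Not found"


if __name__ == "__main__":
    print(get_document_vulnerable("1001"))   # Eve reads Alice's notes
    print(fetch("eve", "1001"))              # hardened path: (404, 'Not found')
    print(fetch("alice", "1001"))            # owner still succeeds
```

The choice of a single NotFound exception for both outcomes is deliberate: returning "Not authorized for this document" for real ids and "Not found" for others tells Eve which ids are worth attacking next. The same check can also be pushed into the data access layer, for instance by querying for the document and the owner together, so that no code path can fetch an object without naming the user.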