ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v11 All Questions

View all questions & answers for the 312-50v11 exam
Go to Exam

Exam 312-50v11 topic 1 question 284 discussion

Actual exam question from ECCouncil's 312-50v11
Question #: 284
Topic #: 1
[All 312-50v11 Questions]

Insecure direct object reference is a type of vulnerability where the application does not verify if the user is authorized to access the internal object via its name or key. Suppose a malicious user Rob tries to get access to the account of a benign user Ned.
Which of the following requests best illustrates an attempt to exploit an insecure direct object reference vulnerability?

  • A. ג€GET /restricted/goldtransfer?to=Rob&from=1 or 1=1' HTTP/1.1Host: westbank.comג€
  • B. ג€GET /restricted/\r\n\%00account%00Ned%00access HTTP/1.1 Host: westbank.comג€
  • C. ג€GET /restricted/accounts/?name=Ned HTTP/1.1 Host westbank.comג€
  • D. ג€GET /restricted/ HTTP/1.1 Host: westbank.com
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by ANDRESCB1988 at July 23, 2021, 6:35 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
BigMomma4752
Highly Voted 2 years, 3 months ago
The correct answer is C. -GET/restricted/accounts/?name=Ned HTTP/1.1 Host: westbank.com-
upvoted 14 times
Scryptic
2 years, 3 months ago
Thanks for cleaning up the mess BugMomma
upvoted 3 times
Scryptic
2 years, 3 months ago
BIGMomma. Sheesh, not BUGMomma!
upvoted 8 times
...
...
...
harp0202
Highly Voted 1 year, 10 months ago
Answer is C. A. -GET /restricted/goldtransfer?to=Rob&from=1 or 1=1-" HTTP/1.1Host: westbank.com- B. -GET /restricted/\r\n\%00account%00Ned%00access HTTP/1.1 Host: westbank.com- C. -GET /restricted/accounts/?name=Ned HTTP/1.1 Host westbank.com- D. -GET /restricted/ HTTP/1.1 Host: westbank.com
upvoted 6 times
...
Muli_70
Most Recent 7 months, 3 weeks ago
I think B is correct!!?? The request that best illustrates an attempt to exploit an insecure direct object reference vulnerability is option B: "GET /restricted/rn%00account%00Ned%00access HTTP/1.1 Host: westbank.com". This request contains a null byte ("%00") that separates the "rn" (resource name) from "account" and "Ned" in the URL. This could potentially fool the application into treating "Ned" as an access control parameter, allowing Rob to access Ned's account without proper authorization. This technique is also known as a null byte injection attack. Option A is an example of SQL injection, where an attacker tries to modify the query to retrieve unauthorized data. Option C is an example of parameter tampering, where an attacker tries to modify a parameter value to gain access to unauthorized data. Option D is an example of a generic request that does not appear to be targeting a specific resource or attempting to exploit a vulnerability.
upvoted 1 times
...
Daniel8660
1 year, 2 months ago
Selected Answer: C
Bypassing IDOR via Parameter Pollution Insecure direct object reference (IDOR) is a vulnerability that arises when developers disclose references to internal data enforcement objects such as database keys, directories, and other files, that can be exploited by an attacker to modify the references and gain unauthorized access to data. EX: api.xyz.com/profile/user_id=654&user_id=321 (P.1950/1934)
upvoted 3 times
...
ANDRESCB1988
2 years, 5 months ago
correct
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel