Unbelievable…

  • Deebster@programming.dev
    link
    fedilink
    English
    arrow-up
    1
    ·
    6 months ago

    To fuzz this, I simply used Burp’s intruder to enumerate from %00 to %FF at the end of the URL.

    I like to think about what normal people would think when they read something like this. It sounds like a line from a cyberpunk wizard.

    We had confirmed that we could bypass authorization for the API endpoints by simply replaying the HTTP request multiple times

    Not really replaying, since his initial request worked. Feels like it’s going through a load balancer and one from that group of servers didn’t have authentication enabled (accidentally included a test/dev server, maybe).