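@model Dictionary<string, object>
@*
    IDOR training page.

    Model: field name -> value pairs for the user record the controller chose
    to render; every value goes through a Razor @-expression, so it is
    HTML-encoded before it reaches the table below.

    The hidden UserId field in the form is client-controlled input. The lesson
    of this page is that the server must decide which record a caller may see
    from the authenticated principal, never from that field.

    Fixes relative to the previous revision: the "Secure Version" modal now
    quotes the same return statement (View, not Json) as the "Insecure Code"
    modal and as this view's own model binding; the label's "for" now resolves
    to an element id; the document is closed with </html>.
*@
@{
    ViewData["Title"] = "IDOR Demo";
}
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>@ViewData["Title"]</title>
    <link rel="stylesheet" href="~/css/app.css" />
</head>
<body>
    <h1 style="text-align: center; margin-bottom: 40px;">🧪 IDOR Demo</h1>
    <div class="container">
        <!-- Vulnerable Functionality -->
        <div class="box">
            <h2>Can you get someone else's data?</h2>
            @* No explicit antiforgery token is rendered here; the Form Tag Helper
               adds one only if it processes this <form> — TODO confirm that
               _ViewImports enables the tag helpers, otherwise emit
               @Html.AntiForgeryToken() inside the form. *@
            <form method="POST">
                <label for="UserId">Get My User Data:</label><br>
                @* id added so the label's "for" attribute resolves to this control. *@
                <input type="hidden" id="UserId" name="UserId" value="1">
                <button class="btn btn-success" type="submit">Submit</button>
            </form>
        </div>
        <!-- Secure Coding Challenge -->
        <div class="box">
            <h2>🔐 Secure the Code</h2>
            <p>This page is vulnerable to <strong>Insecure Direct Object Reference (IDOR).</strong></p>
            <p>Your task is to find the line that causes this and fix it.</p>
            @* openCodePopup / closeCodePopup / checkVulnerability / closeDiffPopup
               are defined in ~/js/idor.js, loaded at the end of <body>. *@
            <button class="btn btn-outline-dark mt-2" onclick="openCodePopup()">🕵️ Identify Vulnerability</button>
        </div>
    </div>
    <h2 style="margin: 25px; text-align: center;">User Information</h2>
    <table class="table table-bordered">
        <thead>
            <tr>
                <th>Field</th>
                <th>Value</th>
            </tr>
        </thead>
        <tbody>
            @* @kvp.Key / @kvp.Value are HTML-encoded by Razor; no Html.Raw here. *@
            @foreach (var kvp in Model)
            {
                <tr>
                    <td>@kvp.Key</td>
                    <td>@kvp.Value</td>
                </tr>
            }
        </tbody>
    </table>
    <h6 style="margin: 25px;">More Information:</h6>
    <ul>
        <li>
            <a href="https://cheatsheetseries.owasp.org/cheatsheets/Insecure_Direct_Object_Reference_Prevention_Cheat_Sheet.html">OWASP - IDOR</a>
        </li>
        <li>
            <a href="https://portswigger.net/web-security/access-control/idor">PortSwigger - IDOR</a>
        </li>
        <li>
            <a href="https://www.veracode.com/security/java/cwe-639/">Veracode - IDOR</a>
        </li>
    </ul>
    <!-- First Modal: Insecure Code -->
    @* The second argument of checkVulnerability is the line index; presumably
       idor.js treats index 2 (the unchecked lookup/return) as the answer — verify
       against the script. *@
    <div id="codeModal" class="modal">
        <div class="modal-content">
            <h3>🔍 Analyze the Insecure Code</h3>
            <div class="popup-line"><input type="checkbox" class="code-checkbox" onchange="checkVulnerability(this, 1)">
                <span>if (userData.ContainsKey(UserId))</span>
            </div>
            <div class="popup-line"><input type="checkbox" class="code-checkbox" onchange="checkVulnerability(this, 2)">
                <span>return View(userData[UserId]);</span>
            </div>
            <br />
            <button onclick="closeCodePopup()">Close</button>
        </div>
    </div>
    <!-- Second Modal: Secure Code -->
    @* The removed lines must match the insecure modal above, and the fix keeps
       the authorization decision server-side: the requested UserId is only
       honoured when it equals the NameIdentifier claim of the signed-in user. *@
    <div id="diffModal" class="diff-modal">
        <div class="diff-content">
            <h3>✅ Secure Version</h3>
            <div class="diff-line removed">- if (userData.ContainsKey(UserId))</div>
            <div class="diff-line removed">- return View(userData[UserId]);</div>
            <div class="diff-line added">+ // Check if the logged in userId matches the userId in the request body</div>
            <div class="diff-line added">+ if (User.FindFirst(System.Security.Claims.ClaimTypes.NameIdentifier)?.Value == UserId.ToString() && userData.ContainsKey(UserId))</div>
            <div class="diff-line added">+ return View(userData[UserId]);</div>
            <button onclick="closeDiffPopup()">Close</button>
        </div>
    </div>
    <script src="~/js/idor.js"></script>
</body>
</html>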