
Title: SaaS-API overprivileged vulnerability detection system


Overview

By replacing the authentication information in a request and comparing the responses, we can determine whether the interface has an unauthorized-access (IDOR) vulnerability.

Features

Supports HTTPS; automatically filters static content such as images, JS, CSS, and HTML pages; avoids blocking; outputs a report with the complete URLs, requests, and responses.

Installation and use

Install dependencies

git clone https://github.com/y1nglamore/IDOR_detect_tool.git
cd IDOR_detect_tool
python3 -m pip install -r requirements.txt

Start

python3 start.py

The proxy then listens on socks5://127.0.0.1:8889.

Install the certificate

Use SwitchyOmega or a similar browser plug-in to connect to the proxy, then visit mitm.it to open the certificate installation page and install the certificate for your operating system.

Taking macOS as an example:

After downloading and installing the certificate, open Keychain Access, find the mitmproxy certificate, and set it to Always Trust.

Detection of vulnerabilities

First prepare two accounts, A and B, on the target system. Configure account A's authentication information in config/config.yml according to the system's authentication logic (cookie, header, parameters, etc.), and then log in with account B.

Browse the system as account B. The script automatically replaces the authentication information, replays each request, and determines from the response whether an unauthorized-access vulnerability exists.

Generate a report

Every time a new vulnerability is found, it is automatically added to report/result.html, which you can open in a browser.

Click a specific entry to expand or collapse the corresponding request and response.

Detection logic

[Figure: detection logic]

Original link: https://github.com/y1nglamore/IDOR_detect_tool
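The replay-and-compare check described under "Detection of vulnerabilities", as an added example that is not code from IDOR_detect_tool. The in-process `toy_app`, the session values, the similarity threshold and all function names are assumptions made for illustration; the real tool's comparison rule may differ.

```python
from difflib import SequenceMatcher

STATIC_EXT = (".png", ".jpg", ".gif", ".js", ".css", ".html")
AUTH_A = {"Cookie": "session=sess-a"}  # constructed credential for account A

def toy_app(req):
    """Constructed stand-in for the target API (replaces real network I/O)."""
    user = {"session=sess-a": "A", "session=sess-b": "B"}.get(req["headers"].get("Cookie"))
    if user is None:
        return 401, "login required"
    if req["path"] == "/api/orders/1002":  # flaw: no ownership check
        return 200, '{"order": 1002, "owner": "B", "total": 42}'
    if req["path"] == "/api/profile/B":    # correct: only B may read it
        if user != "B":
            return 403, "forbidden"
        return 200, '{"user": "B", "email": "b@example.test"}'
    if req["path"] == "/api/news":         # same for every logged-in user
        return 200, '{"news": "maintenance on Friday"}'
    return 404, "not found"

def swap_auth(req, auth):
    """Copy B's request and overwrite its auth headers with account A's."""
    return {**req, "headers": {**req["headers"], **auth}}

def check(req, send=toy_app, auth=AUTH_A, threshold=0.95):
    """Replay req as account A and compare with B's original response."""
    if req["path"].lower().endswith(STATIC_EXT):
        return "skipped"                   # static content is filtered out
    status_b, body_b = send(req)
    status_a, body_a = send(swap_auth(req, auth))
    if status_a != status_b or not 200 <= status_b < 300:
        return "ok"                        # A was refused, or nothing to leak
    # Assumed rule: near-identical bodies mean A received B's data.
    similar = SequenceMatcher(None, body_b, body_a).ratio() >= threshold
    return "suspect" if similar else "ok"

def scan(paths):
    """Build B's requests for each path and return {path: verdict}."""
    as_b = {"Cookie": "session=sess-b", "User-Agent": "demo"}
    return {p: check({"method": "GET", "path": p, "headers": dict(as_b)}) for p in paths}

if __name__ == "__main__":
    for path, verdict in scan(["/static/app.js", "/api/orders/1002",
                               "/api/profile/B", "/api/news"]).items():
        print(f"{verdict:8} {path}")
```

`/api/news` is flagged alongside the real flaw because content shared by all users looks identical to leaked data under this rule, so flagged entries still need manual review in the report.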
