From be9be3326cfb46f1833aef14e48ca3902db945d8 Mon Sep 17 00:00:00 2001 From: Muhammad Daffa <36522826+daffainfo@users.noreply.github.com> Date: Tue, 9 Feb 2021 20:58:04 +0700 Subject: [PATCH] Added uuid bypass --- Insecure Direct Object References.md | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/Insecure Direct Object References.md b/Insecure Direct Object References.md index 58525ec..d958bec 100644 --- a/Insecure Direct Object References.md +++ b/Insecure Direct Object References.md @@ -105,5 +105,14 @@ Try this to bypass GET /ADMIN/profile ``` +11. Try to swap uuid with number +``` +GET /file?id=90ri2-xozifke-29ikedaw0d +``` +Try this to bypass +``` +GET /file?id=302 +``` + Reference: -- [@swaysThinking](https://twitter.com/swaysThinking) and other medium writeup \ No newline at end of file +- [@swaysThinking](https://twitter.com/swaysThinking) and other medium writeup
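Review bot: In the added item 11, the sample value `90ri2-xozifke-29ikedaw0d` is not a well-formed UUID (it contains non-hex characters and is not in the 8-4-4-4-12 grouping), and the item does not state the condition under which the swap tells you anything. Suggest replacing it with a clearly constructed placeholder in UUID form and adding one sentence saying what is being tested: whether the endpoint still resolves a numeric `id` alongside the UUID without a per-object ownership check, since that missing check is the finding to report and fix, not the identifier format. The heading "Try to swap uuid with number" would read better as "Try swapping the UUID for a numeric ID". The change to the Reference line only adds the missing trailing newline, which is fine.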