webProeasy

SecretKeeper

hackerlab

Task: Password manager web app with source code provided. Solution: IDOR vulnerability in /getPass/<user_id> endpoint - only checks session presence, not ownership. Register any user, then access /getPass/1 to retrieve admin passwords including the flag.

$ ls tags/ techniques/
flaskpythonaccess_controlidorinsecure_direct_object_referenceauthorization_bypasspassword_manager
IDOR (Insecure Direct Object Reference)Authorization bypass via parameter manipulation
🔒

Permission denied (requires tier.pro)

Sign in to access full writeups

Sign in with GitHub to continue. No email required.

$sign in

$ grep --similar

Similar writeups