Commit cdb93fef authored by Philip Linghammar's avatar Philip Linghammar

Updates failure-to-restrict-url-access.md

Auto commit by GitBook Editor
parent 0ca1eba5
+82 −81
@@ -31,12 +31,12 @@
      * [Finding subdomains](finding_subdomains.md)
      * [DNS Zone Transfer Attack](dns_zone_transfer_attack.md)
* [Vulnerability analysis](vulnerability_analysi1s.md)
    * [Server-side vulnerabilities](server-side-vulnerabilities.md)
  * [Server-side Vulnerabilities](server-side-vulnerabilities.md)
    * [Common ports\/services and how to use them](list_of_common_ports.md)
    * [Port Knocking](port_knocking.md)
  * [HTTP - Web Vulnerabilities](web-services.md)
        * [Common web-services](common_web-services.md)
        * [WAF - Web application firewall](waf_-_web_application_firewall.md)
    * [Common Web-services](common_web-services.md)
    * [WAF - Web Application Firewall](waf_-_web_application_firewall.md)
    * [Attacking the System](lead_to_compromise.md)
      * [Local File Inclusion](local_file_inclusion.md)
      * [Remote File Inclusion](remote_file_inclusion.md)
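Review bot: the link target `vulnerability_analysi1s.md` on the "Vulnerability analysis" entry carries a stray `1` in the filename; unless a file with that exact name exists in the book, the entry will render as a dead link, so confirm the filename or change it to `vulnerability_analysis.md` while this hunk is already touching the surrounding entries. The rest of the hunk re-indents and title-cases the "Server-side Vulnerabilities", "Common Web-services" and "WAF - Web Application Firewall" entries, which is fine as long as the old lower-case duplicates are the removed side and not left behind in the rendered summary.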
@@ -46,7 +46,8 @@
      * [XML External Entity Attack](xml_external_entity_attack.md)
      * [Bypass File Upload Filtering](bypass_image_upload.md)
      * [Exposed Version Control](exposed_version_control.md)
        * [Attacking the user](attacking_the_user.md)
      * [Failure to Restrict URL Access](failure-to-restrict-url-access.md)
    * [Attacking the User](attacking_the_user.md)
      * [Clickjacking](clickjacking.md)
      * [Broken Authentication or Session Management](broken_authentication_or_session_management.md)
      * [Text\/content-injection](text-injection.md)
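Review bot: the new "Failure to Restrict URL Access" entry points at `failure-to-restrict-url-access.md` (hyphens), while every sibling in the same list uses underscores (`local_file_inclusion.md`, `exposed_version_control.md`, `bypass_image_upload.md`); consider renaming to `failure_to_restrict_url_access.md` so the chapter files stay consistent. Moving "Attacking the User" to the same nesting level as "Attacking the System" looks correct, and the added entry sits under the system-side attacks rather than the user-side ones, which matches what the page describes.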
+30 −0
## Failure to Restrict URL Access



This basically means that a normal user has access to areas on a webpage that should only be accessible to an administrator, or another user. This can happen when the website hides functionality from its users, instead of restricting it with authentication. So if the user finds out the hidden URL the user will be able to access that part of the website.



### 

### How to exploit it

It kind of depends on what access you have to the service. If you have access to an installation you can just create a list of all URLs that the admin-account, or low-privilege accounts have access too. And then check if a non-authenticated users can access those pages.

If you are testing it black-box style you can force browse it.



### References



https://www.owasp.org/index.php/Top\_10\_2010-A8-Failure\_to\_Restrict\_URL\_Access
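Review bot: the new page describes the weakness and how to test for it but never says how to fix it; a short "How to fix it" section would complete it, and the first paragraph already contains the key point ("hides functionality ... instead of restricting it with authentication"), so the remediation follows directly: enforce the authorization check server-side on every request to the privileged URL, not by leaving the link out of the navigation, and cover non-authenticated users as well as low-privilege accounts. Two small text issues in the same file: the empty `### ` heading between the first paragraph and "How to exploit it" renders as a blank heading and should be dropped, and in the "How to exploit it" paragraph "have access too" should read "have access to" and "a non-authenticated users can access" should read "a non-authenticated user can access".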