Update IDOR AV bambda

NetSPI · Jun 20, 2024 · dfc10c6 · dfc10c6
1 parent 0223ce0
commit dfc10c6
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 7 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,4 +1,4 @@
 *.DS_Store
 *.vscode
 */.git
-*/.idea/
+.idea/
diff --git a/Filter/Proxy/HTTP/Attack Vectors - IDOR.bambda b/Filter/Proxy/HTTP/Attack Vectors - IDOR.bambda
@@ -6,28 +6,37 @@
  **/
 List<String> idorList = Arrays.asList("account","doc","edit","email","group","id","key","no","number","order","profile","report","user");
 StringBuilder builder = new StringBuilder();
+StringBuilder idorParamsBuilder = new StringBuilder();
 
 HttpRequest request = requestResponse.request();
 if (request.hasParameters()){
-    boolean foundIdorParam = false;
+	boolean foundIdorParam = false;
 
     for (ParsedHttpParameter parameter : request.parameters()){
         String parameterName = parameter.name();
         String parameterValue = parameter.value();
 
-        // check if one of the above params is in the request
         if (idorList.contains(parameterName)) {
             foundIdorParam = true;
+            idorParamsBuilder.append(parameterName + ", ");
         }
-        // Look for UUIDs. Will add more UUID versions later
-        // Will add them to the notes tab of the request in Burp
+
         Matcher m = Pattern.compile("^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$",Pattern.CASE_INSENSITIVE).matcher(parameterValue.toString());
         while (m.find()) {
-            builder.append(m.group() + " ");
+            builder.append(m.group() + " ");  // Append the found UUID to the string
         }
     }
+    StringBuilder notes = new StringBuilder();
+    if (idorParamsBuilder.length() > 0) {
+        notes.append("\n\nPossible IDOR params identified:\n").append(idorParamsBuilder.toString().replaceAll(", $", "")).append("\n");
+    }
     if (builder.length() > 0) {
-        requestResponse.annotations().setNotes(builder.toString());
+        notes.append("\n\nPossible UUIDs identified for an IDOR attack: ").append(builder.toString());
+    }
+
+    // Update the notes in the request
+    if (notes.length() > 0) {
+        requestResponse.annotations().setNotes(notes.toString());
     }
 
     return foundIdorParam || builder.length() > 0;