Back to directory
WRITEUP #1634

How I Found an Insecure Direct Object Reference in TikTok

IDOR
bymrhavit
Bounty
5,500
Program
TikTok
Published
Jan 29, 2023
Added to HackDex
Feb 13, 2023
Read Full Writeuphttps://medium.com/@mrhavit/how-i-found-an-insecure-direct-object-reference-in-tiktok-c7303addf223
RELATED WRITEUPS
Zomatoooo! IDOR in Saved Payments
IDOR
How I got my first $13500 bounty through Parameter Polluting (HPP)
IDORXSS
The Butterfly Effect: Turning Overlooked - Misconfigurations into Zero Click Account Takeover
APIGraphQL
A Creative Way To Get Someones YouTube Videos Deleted + A Copyright Strike Against Their YouTube Channel
IDORBroken Access Control
Bypassing ACLs – IDOR exploitation via HPP
IDORHTTP parameter pollution

Built with ❤️ by Shubham Rawat