Corridor | tryhackme

3 min readNov 3, 2022

Hello,

here we are again with another ctf from tryhackme. This one is particularly interesting cos it projected a particular type of vulnerability on websites-IDORs.

For those of us that don’t know what IDORs are, it means Insecure Direct Object Reference. And if that still doesn’t make sense, it refers to an access control vulnerability where unvalidated user input can be used for unauthorized access to resources or operations.

Still doesn’t make sense? Read through this.

It’s usually found in url endpoints. This ctf challenge explores IDORs in action; so stay with me as I walk you through this challenge. It was quite an interesting one.

Platform: Tryhackme

Title: Corridor

Difficulty: Easy

Link: https://tryhackme.com/room/corridor

The challenge simply tells us to find our way back. From the hint, you’ll find that the end points follow a particular pattern.

I would have done an nmap scan, but we’re already told it’s an IDOR, why waste your time? You can do that yourself by

nmap -sV -sC $IP

But I’ll go straight to slap the IP to the web browser. For some reasons, this my web browser keeps adding the https after I hit return key on pasting the given IP. So I added the “:80" to the IP and it worked.

I’m faced with an image

of so many doors. I have to find my way back.

Using directory fuzzers returns nothing tangible, so I resorted to viewing the source code.

From the screenshot, you can see various links that seems not to make sense. They’re more like hashes. They are directories and will lead you to different rooms. Example