Insecure Direct Object Reference Exposes all users of Microsoft Azure Independent Software Vendors

https://mynotsecureapp.com/users?userId=1055
{
"UserId": 1055,
"First Name": "Negus",
"Last Name": "Ezana",
"DoB": "1970-01-01",
"Place of Birth": "Bahir Dar",
"email": "ng@mynotsecureapp.com",
"mobile": "0918xxxxxx"
}
https://mynotsecureapp.com/users?userId=1056
{
"UserId": 1056,
"First Name": "Mahelete",
"Last Name": "Solomon",
"DoB": "1980-04-10",
"Place of Birth": "Addis Ababa",
"email": "ms@mynotsecureapp.com",
"mobile": "0911xxxxxx"
}
List of Sellers
GET /en-us/dashboard/account/<reduct>/<reduct>/<reduct>/<reduct>/76????10/users HTTP/2
Host: partner.microsoft.com
Details of users belonging to publisher 76????10
GET /en-us/dashboard/account/<reduct>/<reduct>/<reduct>/<reduct>/76????20/users HTTP/2
Host: partner.microsoft.com
Details of users belonging to publisher 76????20
GET /en-us/dashboard/account/<reduct>/<reduct>/<reduct>/<reduct>/76????00/users HTTP/2
Host: partner.microsoft.com
Details of users belonging to publisher 76????00
GET /en-us/dashboard/account/<reduct>/<reduct>/<reduct>/<reduct>/3?????30/users HTTP/2
Host: partner.microsoft.com
Details of users belonging to publisher 3?????30
GET /en-us/dashboard/account/<reduct>/<reduct>/<reduct>/<reduct>/2?????50/users HTTP/2
Host: partner.microsoft.com
Details of users belonging to publisher 2?????50
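The two requests above share one root cause: the server trusts the identifier in the URL (userId in the query string, the publisher id in the path) and never compares it with the authenticated session. The following is an added example, not code from the post or from Microsoft, showing the vulnerable lookup next to its hardened form for both shapes of request. The records, the Session model, the publisher membership field and the function names are all constructed for illustration.

```python
"""Added example (not the original post's code): the IDOR pattern from the
write-up, shown as a vulnerable lookup next to the hardened form.

The data, the session model and the function names are constructed for this
example; they are not Microsoft's or the author's code.
"""
from dataclasses import dataclass, field


class Forbidden(Exception):
    """Raised when the caller is not allowed to read the requested object."""


@dataclass(frozen=True)
class Session:
    """What the server knows about the authenticated caller (constructed)."""
    user_id: int
    publisher_ids: frozenset = field(default_factory=frozenset)
    is_admin: bool = False


# Constructed sample records in the shape of the JSON shown above.
USERS = {
    1055: {"UserId": 1055, "First Name": "Negus", "Last Name": "Ezana",
           "email": "ng@mynotsecureapp.com", "publisher": 10},
    1056: {"UserId": 1056, "First Name": "Mahelete", "Last Name": "Solomon",
           "email": "ms@mynotsecureapp.com", "publisher": 20},
    1057: {"UserId": 1057, "First Name": "Sample", "Last Name": "User",
           "email": "su@mynotsecureapp.com", "publisher": 10},
}


def get_user_insecure(session: Session, user_id: int) -> dict:
    """Vulnerable: the identifier from the query string is trusted on its own.

    Any authenticated caller can walk /users?userId=1055, 1056, ... and read
    every record, because the session is never compared with the object.
    """
    return USERS[user_id]


def get_user_secure(session: Session, user_id: int) -> dict:
    """Hardened: the object is released only after an ownership check.

    The check is made against the server-side session, not against anything
    the client sent, so rewriting userId in the URL changes nothing.
    """
    record = USERS.get(user_id)
    if record is None:
        # Same error as the forbidden case, so a caller cannot learn which
        # identifiers exist by telling 404 apart from 403.
        raise Forbidden("not found or not permitted")
    if session.is_admin or session.user_id == user_id:
        return record
    raise Forbidden("not found or not permitted")


def list_publisher_users_secure(session: Session, publisher_id: int) -> list:
    """Hardened form of the .../<publisherId>/users listing.

    The path segment is untrusted input; the listing is released only when
    the session is a member of that publisher (or an admin).
    """
    if not (session.is_admin or publisher_id in session.publisher_ids):
        raise Forbidden("not found or not permitted")
    return [u for u in USERS.values() if u["publisher"] == publisher_id]
```

The important design choice is that the authorization decision uses only server-side state (the session's own user id and publisher memberships); the client-supplied identifier is used purely to select the object, never to prove a right to it. Returning one indistinguishable error for "missing" and "not permitted" also stops the endpoint from confirming which identifiers are valid.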
Python script to extract thousands of users
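Bulk extraction of this kind leaves a recognisable trace in access logs: one principal successfully reading many distinct object identifiers in a short span. The following is an added example, not code from the post, of a detection pass over such logs. The log lines, their field layout, the publisher path shape and the threshold of three distinct objects are all constructed assumptions; adapt the regular expressions to your own log format.

```python
"""Added example (not from the original post): a detection pass over web
access logs that flags one caller reading many distinct users' records.

The log lines, field layout, threshold and function names are constructed
for this example; adjust the regexes to your own log format.
"""
import re
from collections import defaultdict

# Constructed sample lines in the layout "<caller> <method> <path> <status>".
# The four path segments before the publisher id stand in for the redacted
# segments of the real URL and carry no meaning here.
SAMPLE_LOG = """\
u1055 GET /users?userId=1055 200
u1055 GET /users?userId=1056 200
u1055 GET /users?userId=1057 200
u1055 GET /users?userId=1058 200
u1055 GET /users?userId=1059 200
u1056 GET /users?userId=1056 200
u2000 GET /en-us/dashboard/account/a/b/c/d/9001/users 200
u2000 GET /en-us/dashboard/account/a/b/c/d/9002/users 200
u2000 GET /en-us/dashboard/account/a/b/c/d/9003/users 200
u2000 GET /en-us/dashboard/account/a/b/c/d/9004/users 403
u3000 GET /en-us/dashboard/account/a/b/c/d/9001/users 200
"""

LINE_RE = re.compile(
    r"^(?P<caller>\S+) (?P<method>[A-Z]+) (?P<path>\S+) (?P<status>\d{3})$"
)

# Paths that carry an object identifier a caller could substitute.
OBJECT_RES = (
    re.compile(r"^/users\?userId=(?P<oid>\d+)$"),
    re.compile(r"^/en-us/dashboard/account/(?:[^/]+/){4}(?P<oid>\d+)/users$"),
)


def parse_line(line: str):
    """Split one log line into its fields, or return None if it does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    return rec


def object_id(path: str):
    """Return the object identifier embedded in a path, or None."""
    for rx in OBJECT_RES:
        m = rx.match(path)
        if m:
            return m.group("oid")
    return None


def find_enumerators(log_text: str, threshold: int = 3) -> dict:
    """Map each caller whose successful reads touched at least `threshold`
    distinct object identifiers to the sorted list of those identifiers.

    Only 2xx responses count: denied requests show the control working,
    and counting them would just flag every blocked probe.
    """
    seen = defaultdict(set)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or not 200 <= rec["status"] < 300:
            continue
        oid = object_id(rec["path"])
        if oid is not None:
            seen[rec["caller"]].add(oid)
    return {c: sorted(ids) for c, ids in seen.items() if len(ids) >= threshold}


if __name__ == "__main__":
    for caller, ids in find_enumerators(SAMPLE_LOG).items():
        print(f"{caller}: {len(ids)} distinct objects read: {ids}")
```

In the constructed sample, u1055 reads five different user records and u2000 reads three different publishers' user lists, so both are flagged; u1056 and u3000 each touch a single object and are not. In production the same counting would be done per time window, and the caller would be the authenticated principal (session or token subject) rather than a source address, since the access is authenticated.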

Meareg | ማዕረግ | 𐩧𐩴oמארג | 𐩣

Security Researcher