Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Login to post

Finding sensative information in web app variables

Andrew | Last updated: Sep 15, 2023 06:18PM UTC

We recently found a legacy app that had some bad code where you could change a number in a url and view someone elses data. I'd like to audit the rest of our stuff so I can certify this was a one off with a legacy app that was going to be replaced anyway. Is there an easy way for me to find such a number (in form variables/url variables/session variables) if I use a test user that has a known id number associated with it? So far everything I've googled tells me to manually inspect each http exchange which I really do not want to do for something that should be really simple. Thanks in advance.

Liam, PortSwigger Agent | Last updated: Sep 18, 2023 10:38AM UTC

Thanks for your message, Andrew.

Access control scan checks are listed on our current roadmap:

Burp Scanner will check for a number of security vulnerabilities relating to access control.


Please let us know if you require any further assistance.

Andrew | Last updated: Sep 18, 2023 06:51PM UTC

Sounds good but what can I do in the meantime? I've got a test user which will have a very specific id number. Is there a way to easily search for that id number in responses? That would at least give me a short list of things to followup on further. If not could I write a simple extension to do this? -Andrew

Liam, PortSwigger Agent | Last updated: Sep 19, 2023 10:50AM UTC

You need to Log in to post a reply. Or register here, for free.