Burp Suite User Forum


Finding sensitive information in web app variables

Duba, | Last updated: Sep 15, 2023 06:18PM UTC

We recently found a legacy app that had some bad code where you could change a number in a URL and view someone else's data. I'd like to audit the rest of our stuff so I can certify this was a one-off with a legacy app that was going to be replaced anyway. Is there an easy way for me to find such a number (in form variables/URL variables/session variables) if I use a test user that has a known id number associated with it? So far everything I've googled tells me to manually inspect each HTTP exchange, which I really do not want to do for something that should be really simple. Thanks in advance.

Liam, PortSwigger Agent | Last updated: Sep 18, 2023 10:38AM UTC

Thanks for your message, Andrew.

Access control scan checks are listed on our current roadmap:

Burp Scanner will check for a number of security vulnerabilities relating to access control.

Please let us know if you require any further assistance.

Duba, | Last updated: Sep 18, 2023 06:51PM UTC

Sounds good, but what can I do in the meantime? I've got a test user which will have a very specific id number. Is there a way to easily search for that id number in responses? That would at least give me a short list of things to follow up on further. If not, could I write a simple extension to do this? -Andrew
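One way to build the short list Andrew asks for without reading every exchange by hand, as an added example that is not part of this thread and not a Burp extension: a stand-alone Python script that parses captured request/response pairs and reports every place the test user's id travels (URL path, query string, cookie, form field, JSON field) and whether it echoes back in the response. The sample exchanges and the id 4815 are constructed for the example.

```python
import json
import re
from urllib.parse import parse_qsl, urlsplit

def _leaves(obj, prefix=""):
    """Yield (dotted path, scalar) for every leaf of a parsed JSON value."""
    items = obj.items() if isinstance(obj, dict) else enumerate(obj) if isinstance(obj, list) else None
    if items is None:
        yield prefix.rstrip("."), obj
        return
    for k, v in items:
        yield from _leaves(v, f"{prefix}{k}.")

def find_id_locations(raw_request, response_body, user_id):
    """Return (where, name) for each request variable equal to user_id (path segment,
    query, cookie, form field, JSON field), plus ("response", "body") if it echoes back."""
    head, _, body = raw_request.partition("\r\n\r\n")
    lines = head.split("\r\n")
    url = urlsplit(lines[0].split(" ")[1])  # request target from the request line
    headers = {k.lower(): v for k, v in (h.split(": ", 1) for h in lines[1:])}
    hits = [("path", seg) for seg in url.path.split("/") if seg == user_id]
    hits += [("query", k) for k, v in parse_qsl(url.query) if v == user_id]
    hits += [("cookie", c.partition("=")[0]) for c in headers.get("cookie", "").split("; ")
             if c.partition("=")[2] == user_id]
    ctype = headers.get("content-type", "")
    if body and "json" in ctype:
        hits += [("json", p) for p, v in _leaves(json.loads(body)) if str(v) == user_id]
    elif body and "x-www-form-urlencoded" in ctype:
        hits += [("form", k) for k, v in parse_qsl(body) if v == user_id]
    # Digit boundaries so id 4815 is not matched inside a longer number like 148150.
    if re.search(rf"(?<!\d){re.escape(user_id)}(?!\d)", response_body):
        hits.append(("response", "body"))
    return hits

def shortlist(exchanges, user_id):
    """Indexes of exchanges where user_id travels in a client-controlled variable."""
    return [i for i, (req, resp) in enumerate(exchanges)
            if any(where != "response" for where, _ in find_id_locations(req, resp, user_id))]

# Constructed sample traffic for a test user whose id is 4815 (not from the thread).
SAMPLE = [
    ("GET /account/4815/profile HTTP/1.1\r\nHost: app.example\r\nCookie: session=abc; uid=4815\r\n\r\n",
     '{"id": 4815, "email": "test@app.example"}'),
    ("POST /api/orders HTTP/1.1\r\nHost: app.example\r\nContent-Type: application/json\r\n\r\n"
     '{"customer": {"id": "4815"}, "items": [1]}',
     '{"ok": true}'),
    ("POST /login HTTP/1.1\r\nHost: app.example\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\nuser=andrew&pw=secret",
     "welcome"),
]
```

Each index returned by `shortlist` is a request worth re-sending under a second test account to confirm the server enforces ownership of that id; exchanges where the id only appears in the response are the user's own data and not a candidate.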

Liam, PortSwigger Agent | Last updated: Sep 19, 2023 10:50AM UTC