😎Access Control List

Today I will explain what an Access Control List is, in a simple way:

👏 What is access control (or authorization)?

  • It is the application of restrictions on who can perform actions and which resources they can access.

  • What does access control depend on?

    1. Authentication: identifies whether the user is who they claim to be.

    2. Session management: determines whether subsequent HTTP requests come from the same authenticated person or from someone else.

    3. Access control: determines whether this user is allowed to perform the requested action or not.

😄 Types of access control:

  1. Vertical access controls: restrict sensitive functionality to particular types of users. A flaw exists if a user can gain access to functionality they are not permitted to use.

    1. For example, if a regular user can gain access to an admin page where they can delete user accounts, then this is vertical privilege escalation.

      EX: a system has three types of users with access to different application functions: user, moderator (accepting posts, etc.) and admin. The problem here is: ⇒

      • If a user can gain access to functionality that they are not permitted to access, this is vertical privilege escalation. For example, a non-administrative user can in fact reach an admin page where they can delete user accounts.

      • Any user can take on the role of another user, such as a regular user doing admin things or a moderator adding/deleting users.

    🤟 Examples of this vulnerability:

    • Unprotected functionality: a regular user can reach sensitive admin functionality, such as the admin panel, because nothing protects it.

    • The functionality may be at an unpredictable location, but the location is disclosed somewhere in the application.

    • Parameter-based access control methods: the application takes the user's role from a request parameter that the user can modify, such as:

      1. ?admin=true or ?role=1

      🔥 Impact: a vertical access control flaw always results in privilege escalation.

  2. Horizontal access controls: apply between two users with the same privilege level:

  • A flaw exists if a user is able to gain access to resources belonging to another user with the same privilege level.

  • Different users have access to resources of the same type, such as their settings in the application.

  • For example, a banking application will allow a user to view transactions and make payments from their own accounts.

  • Vulnerable examples:

    1. User X can view the transactions and make payments of user Y or any other user.

    2. In Facebook: changing the settings page from user X to another user and modifying that user's sensitive data.

  • EX: https://target.com/myaccount?id=123

    • If an attacker modifies the id parameter value to that of another user, they might gain access to that user's account page.

    • 😁 Impact: broken access control; the attacker reaches another user's account data.

  3. Context-dependent access controls: depend on the kind of application and the context of the request, so they change from one application to another.
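To make the two flaw types concrete, here is an added example (not part of the original notes) that models the parameter-based vertical flaw (?admin=true / ?role=1) and the horizontal ?id= flaw from above beside hardened handlers that take the user's identity and role only from the server-side session. The SESSIONS and ACCOUNTS stores and all function names are constructed for this example.

```python
# Added example, not from the original notes: the flawed handlers the notes describe
# (trusting ?admin=true / ?role=1, and ?id=) beside hardened versions that take identity
# and role only from the server-side session. SESSIONS, ACCOUNTS and names are constructed.
SESSIONS = {  # constructed session store: token -> authenticated principal
    "tok-alice": {"user_id": 123, "role": "user"},
    "tok-root": {"user_id": 1, "role": "admin"},
}
ACCOUNTS = {  # constructed resource store: account id -> owner and data
    1: {"owner": 1, "balance": 99999},
    123: {"owner": 123, "balance": 50},
    456: {"owner": 456, "balance": 75},
}

class Forbidden(Exception):
    """The access control check failed (would be an HTTP 403)."""

def _principal(token):
    """Authentication + session management: who is making this request?"""
    principal = SESSIONS.get(token)
    if principal is None:
        raise Forbidden("not authenticated")
    return principal

def vulnerable_myaccount(token, params):  # horizontal flaw: trusts ?id=
    _principal(token)
    return ACCOUNTS[int(params["id"])]  # any user's account id is accepted

def vulnerable_admin_panel(token, params):  # vertical flaw: trusts ?admin=/?role=
    _principal(token)
    if params.get("admin") == "true" or params.get("role") == "1":
        return "admin panel"
    raise Forbidden("admin role required")

def secure_myaccount(token, params):  # horizontal check: account must be yours
    principal = _principal(token)
    account = ACCOUNTS.get(int(params.get("id", principal["user_id"])))
    if account is None or account["owner"] != principal["user_id"]:
        raise Forbidden("not your account")  # same 403 for missing and foreign ids
    return account

def secure_admin_panel(token, params):  # vertical check: role from session only
    if _principal(token)["role"] != "admin":
        raise Forbidden("admin role required")
    return "admin panel"

def denied(handler, token, params):  # True if the handler raises Forbidden
    try:
        handler(token, params)
        return False
    except Forbidden:
        return True
```

The hardened handlers return the same 403 whether the requested id is missing or belongs to someone else, so the response does not reveal which account ids exist.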

🔥 Horizontal to vertical privilege escalation:

  • A horizontal privilege escalation attack can be turned into a vertical privilege escalation by compromising a more privileged user.

  • EX: a horizontal escalation might allow an attacker to reset or capture the password belonging to another user.

    • If the attacker targets an administrative user and compromises their account, then they can gain administrative access and so perform vertical privilege escalation.

  • https://target.com/myaccount?id=456

    • Let's change it to ?id=1; it may be the admin account 😊😊
