Access Control List
Today I will explain what an Access Control List is, in a simple way:
Access control is the application of restrictions on who can perform which actions and which resources they can access.
What does access control depend on?
Authentication: identifies whether this really is the person they claim to be.
Session management: determines whether the same person made this HTTP request, or another person did.
Access control: determines whether this user is allowed to perform this action or not.
Vertical access controls
: restrict functionality by user type; the question is whether a user can gain access to functionality that they are not permitted to access.
For example, if a regular user can gain access to an admin page where they can delete user accounts, then this is vertical privilege escalation.
EX: a system has 3 different types of users with access to different application functions: user, moderator (accepts posts, ...) and admin.
Problem here: if a user can gain access to functionality that they are not permitted to access, then this is vertical privilege escalation. For example, a non-administrative user can in fact gain access to an admin page where they can delete user accounts.
In general, any user can perform the role of another user type, such as a regular user doing admin things, or:
- a moderator adding/deleting users
Examples of this vulnerability:
Unprotected functionality: a regular user can reach an admin function and its sensitive functionality, such as the admin panel, simply by requesting it.
The admin page may be at an unpredictable location, but the location is disclosed somewhere in the application.
Parameter-based access control methods: the application decides the user's role from a value the client submits, such as:
`?admin=true` or `?role=1`
🔥 Impact: a vertical access control flaw always gives us privilege escalation.
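As an added example (not code from the original page), the parameter-based pattern above beside a corrected version. The weak handler decides the role from `?admin=true` / `?role=1` in the URL; the hardened handler takes the role only from a server-side session. The `Request` class, the `USERS`/`SESSIONS` tables and the `delete_user_*` function names are constructed for this illustration.

```python
# Added example: parameter-based access control (weak) beside a server-side
# role check (corrected). Everything below is constructed sample data, not a
# real application.
from dataclasses import dataclass
from urllib.parse import parse_qs, urlsplit

# Constructed sample data: the role lives server-side, keyed by session token.
USERS = {"alice": "user", "mod": "moderator", "root": "admin"}
SESSIONS = {"tok-alice": "alice", "tok-mod": "mod", "tok-root": "root"}


@dataclass
class Request:
    url: str            # path plus query string as sent by the client
    session_token: str  # value of the session cookie


def query(req):
    """Return the query string as a flat dict (first value per key)."""
    return {k: v[0] for k, v in parse_qs(urlsplit(req.url).query).items()}


def delete_user_weak(req):
    """Weak: the admin decision is taken from client-controlled parameters."""
    q = query(req)
    if q.get("admin") == "true" or q.get("role") == "1":
        return "deleted"
    return "forbidden"


def delete_user_hardened(req):
    """Hardened: identity comes from the session, the role from the user record.

    Nothing in the URL can change the outcome; only an authenticated session
    that maps to an account with the admin role may delete users.
    """
    username = SESSIONS.get(req.session_token)
    if username is None:
        return "unauthenticated"
    if USERS[username] != "admin":
        return "forbidden"
    return "deleted"
```

The check worth keeping in mind when reviewing such code: every authorisation decision must be derived from state the server controls (the session and its user record), never from a value that arrives in the request.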
Horizontal access controls
: the flaw happens between 2 users at the same privilege level:
a user is able to gain access to resources belonging to another user with the same privilege.
Different users have access to resources of the same type, such as the settings page in an application.
For example, a banking application allows a user to view transactions and make payments from their own accounts.
Vuln EX: user X can view the transactions and make payments from the accounts of user Y, or of any other user.
On a site such as Facebook: the settings page of user X is switched to another user's settings, and sensitive data of that user can be changed.
If an attacker modifies the id parameter value to that of another user, they might gain access to another user's account page.
😁 Impact: leads to broken access control (horizontal privilege escalation).
Context-dependent access controls: these depend on the kind of application and on its state, and so change from one application to another.
A horizontal privilege escalation attack can be turned into a vertical privilege escalation by compromising a more privileged user.
EX: horizontal escalation might allow an attacker to reset or capture the password belonging to another user.
If the attacker targets an administrative user and compromises their account, then they gain administrative access and so perform vertical privilege escalation.
Let's change the parameter to `?id=1`; that may be the admin account 😊😊
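As an added example (not code from the original page), the `?id=` account page described above, with and without the ownership check, plus a small log check a defender can run to spot a session walking through many different ids. The `ACCOUNTS`/`SESSIONS` tables, the log lines and the function names are constructed; account 1 is given to the admin to mirror the `?id=1` guess above.

```python
# Added example (constructed data, not a real application): horizontal access
# control on an account page selected by ?id=, and a detector for id walking.
import re
from collections import defaultdict

# Constructed sample data: account 1 belongs to the admin, the others to users.
ACCOUNTS = {
    1: {"owner": "admin", "balance": 50_000},
    2: {"owner": "alice", "balance": 120},
    3: {"owner": "bob", "balance": 75},
}
SESSIONS = {"tok-alice": "alice", "tok-bob": "bob", "tok-admin": "admin"}


def view_account_weak(session_token, account_id):
    """Weak: only checks that the caller is logged in, then returns whatever ?id= names."""
    if session_token not in SESSIONS:
        return None
    return ACCOUNTS.get(account_id)


def view_account_hardened(session_token, account_id):
    """Hardened: the account must belong to the user behind the server-side session.

    A foreign id and a non-existent id get the same answer (None), so the
    response does not reveal which ids exist.
    """
    user = SESSIONS.get(session_token)
    if user is None:
        return None
    account = ACCOUNTS.get(account_id)
    if account is None or account["owner"] != user:
        return None
    return account


# Constructed access-log lines in the form "<session> <method> <path>".
ACCESS_LOG = """\
tok-alice GET /account?id=2
tok-alice GET /account?id=2
tok-bob GET /account?id=3
tok-bob GET /account?id=1
tok-bob GET /account?id=2
tok-bob GET /account?id=4
tok-bob GET /account?id=5
"""

LOG_LINE = re.compile(r"^(?P<session>\S+) (?P<method>\S+) /account\?id=(?P<id>\d+)$")


def distinct_ids_per_session(log_text):
    """Count how many different account ids each session requested."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if m:
            seen[m["session"]].add(int(m["id"]))
    return {session: len(ids) for session, ids in seen.items()}


def flag_enumerating_sessions(log_text, threshold=3):
    """Return sessions that touched at least `threshold` distinct ids.

    A normal user views their own one or two accounts; a session requesting
    many different ids is the access-log signature of the attack above.
    """
    counts = distinct_ids_per_session(log_text)
    return sorted(s for s, n in counts.items() if n >= threshold)
```

The threshold is a constructed starting point; in a real deployment it should be tuned to how many accounts a legitimate user actually owns, and the rejected requests from the hardened handler should themselves be logged so the detector has something to count.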
EX :