Hey everyone,
If you submit a report and want the triage team to quickly triage your
report, include your test credenetials in the report. This is
especially useful if user permissions and roles are involved.
Here is an example:
---------------------------------------------------------------------------
Hi team,
I discovered an insecure direct object reference in example.com via the
id parameter on /account/settings.
## Steps to reproduce
1. Sign in using user@xxxxxxxxxxx:password1234;
2. Navigate to /account/settings;
3. Save the user details and intercept the POST request with your proxy
of choice;
4. Modify the id parameter to 1337 — this id belongs to
admin@xxxxxxxxxxx;
5. Forward the request and then sign in as
admin@xxxxxxxxxxx:password1234;
6. You should see that admin@xxxxxxxxxxx's settings have been modified
to ...
...
---------------------------------------------------------------------------
I think you all get the idea now. Basically, as a triager what this
allows me to do, is quickly replicate the exact steps that you took.
This is also particularly useful if you have stored XSS or an issue
that we can no longer reproduce, but see the payload fire using your
account.
Hope that helps some of you out, please feel free to submit questions
to this thread and suggestions for future tips.
- Ed
