Mass assignment granting low privilege user admin role access
The endpoint appears to be vulnerable to Mass Assignment attack. The original request was replayed by modifying admin param in request body. The application responded with 2XX success code in response.
Mass Assignment (MA)
How this template works
The template uses API selection filters to specify the criteria for selecting the API endpoints to test. It filters the endpoints based on the response code (between 200 and 299), the HTTP method (PUT, POST, or PATCH), and the presence of specific keywords (admin, superuser, or system) in the response payload.
The template executes a single request by adding a body parameter called "admin_key" with a value of true. This request is sent to the selected API endpoints to test if they are vulnerable to the Mass Assignment attack. The purpose is to modify the "admin" parameter in the request body and check if the application responds with a 2XX success code.
After executing the request, the template validates the response received from the API endpoint. It checks if the response code is between 200 and 299, indicating a successful request. Additionally, it verifies that the response payload contains the "admin_key" parameter with a value of true, confirming that the Mass Assignment vulnerability exists.
Frequently asked questions
What is the purpose of the "Mass Assignment Change Admin Role" test
How does the test determine if an API endpoint is vulnerable to Mass Assignment
What are some examples of sensitive properties that should not be updated by clients
What is the impact of exploiting a Mass Assignment vulnerability
What are the selection filters used to determine which API endpoints to test
How does the test validate the vulnerability by modifying the "admin_key" parameter