search
githubEdit

Mass Assignment

hashtag
Overview

Mass assignment occurs when applications automatically bind HTTP parameters to model attributes without proper filtering.

hashtag
Identify

hashtag
Signs of Vulnerability

  • Framework uses auto-binding (Rails, Django, Node.js, etc.)

  • Hidden parameters in forms

  • API accepts extra fields in JSON/POST data

  • Registration or profile update forms

hashtag
Test Method

  1. Intercept normal request

  2. Add extra parameters:

    • admin=true

    • role=admin

    • confirmed=1

    • verified=1

    • is_staff=true

    • active=1

hashtag
Exploit

hashtag
Registration Bypass

hashtag
Admin Privilege Escalation

hashtag
Profile Update

hashtag
Framework-Specific Parameters

hashtag
Ruby on Rails

hashtag
Django

hashtag
Node.js/Express

hashtag
Finding Hidden Parameters

hashtag
Source Code Review

hashtag
Parameter Discovery Tools

hashtag
Common Vulnerable Endpoints

Endpoint
Test Parameters

/register

admin, role, confirmed

/profile

is_admin, balance, role

/api/users

role, permissions

/settings

is_premium, verified

PreviousBug Bounty HuntingNextFile Upload Attacks

Last updated