How To Find Hidden Parameters

Posted by By admin 3 Min Read

Finding hidden Parameters for bug bounty

Well!!! Hello everyone! It’s KRiPPto99 Back again I hope you all doing very well. Today we in blog I am going to show you How to find the Hidden Parameters in web application. But Before Get started lets know

Why find Hidden parameters ?

Hidden parameters may allow an attacker to control the behavior of the application and may results in the execution of successfully attack In simple words to find more bugs

Lets take a example: lets guess there is web application called examplesite.com that has endpoint:

https://example.com/user/.js?isUser=1  

This endpoint basically allows users to access their dashboard as a normal user. so my question is what if there is some other parameters that are being used to be like isAdmin or something else for example:

https://example.com/user/.js?isAdmin=1

Now we get understand why its important for us to find hidden parameters lets see now how to find hidden parameters

 

How to find hidden parameters

TO find hidden parameters there are many tools like PARAMSPIDER, PARAMMINER, ARJUN here we use ARJUN

Lets quickly open our kali terminal and to install

sudo apt install arjun -y

Now after installing tool let us check tool features by giving command of -h arjun -h

arjun -h

 

options:

  • -h, –help show this help message and exit
  • -u URL Target URL
  • -d DELAY Delay between requests in seconds. (default: 0)
  • -t THREADS Number of concurrent threads. (default: 2)
  • -w WORDLIST Wordlist file path. (default:
  • {arjundir}/db/default.txt)
    -m METHOD Request method to use: GET/POST/XML/JSON. (default:GET)
  • -i [IMPORT_FILE] Import target URLs from file.
  • -T TIMEOUT HTTP request timeout in seconds. (default: 15)
  • -c CHUNKS Chunk size. The number of parameters to be sent at
    once
  • -q Quiet mode. No output.
  • –headers [HEADERS] Add headers. Separate multiple headers with a new line.

 

Let us try to use this tool from the above information on http://testphp.vulnweb.com/artists.php

arjun -u http://testphp.vulnweb.com/artists.php -m GET

 

As we can see, We got 3 parameters from ARJUN! Now we can test these parameters for further vulnerabilities.

 

Thats it for today guys seeeyaa byee

Tags: