29 lines
1.7 KiB
INI
29 lines
1.7 KiB
INI
idor.title=Insecure Direct Object References
|
|
|
|
idor.hints.idor_login=Log in first
|
|
|
|
|
|
idor.diff.attributes.missing=You did not list two attributes, comma delimited
|
|
idor.diff.success=Correct, the two attributes not displayed are userId & role. Keep those in mind
|
|
idor.diff.failure=Try again. Look in your browser dev tools or Proxy and compare to what's displayed on the screen.
|
|
|
|
idor.edit.profile.success1=Well done, you have modified someone else's profile (as displayed below)
|
|
idor.edit.profile.success2=Good work! View the updated profile below
|
|
idor.edit.profile.failure1=Close ... you've got the technique. Now try for a lower role number
|
|
idor.edit.profile.failure2=Close ... you've got the technique. Now change the color in their profile to red.)
|
|
idor.edit.profile.failure3=Try again. Use the hints if you need to.
|
|
idor.edit.profile.failure4=Modifying your own profile is good, but we want to do this to Buffalo Bill's profile.
|
|
|
|
idor.login.success=You are now logged in as {0}. Please proceed.
|
|
idor.login.failure=Credentials provided are not correct
|
|
|
|
idor.view.profile.success=Well done, you found someone else's profile
|
|
idor.view.profile.close1=You're on the right path, try a different id
|
|
idor.view.profile.close2=Try again. You need to use the same method/URL you used to access your own profile via direct object reference.
|
|
|
|
idor.view.own.profile.success=Congratulations, you have used the alternate Url/route to view your own profile.
|
|
idor.view.own.profile.failure1=Please try again. The alternate route is very similar to the previous way you viewed your profile. Only one difference really
|
|
idor.view.own.profile.failure2=You need to authenticate as tom first.
|
|
|
|
idor.view.other.profile.failure1=You must authenticate first
|
|
idor.view.other.profile.failure2=<<still working>> |