According to OWASP (www.owasp.org), IDOR happens when access is provided to an object based on the input provided by the user. If a web application is found to be vulnerable, an attacker can attempt to bypass authorization and gain access to resources on the compromised system.

Next, we will demonstrate how to exploit file upload vulnerabilities on a target machine.