
BOLA: Broken Object Level Authentication
BUA: Broken User Authentication
Related market: https://manifold.markets/IsaacKing/will-i-find-any-serious-bugs-in-my?r=Zmlyc3R1c2VyaGVyZQ
Feb 3, 11:52am: Will Isaac's website get a BOLA attack within 2 weeks of API release? → Will Isaac's website get a BOLA/BUA attack within 2 weeks of API release?
People are also trading
@firstuserhere I have two websites, both of which have been up for several years. The one I'm referring to in that other market is https://rulesguru.net/. The API is what hasn't been launched yet, though an unreleased and unfinished version exists at https://rulesguru.net/api.
Oh also, please ensure you don't cause any significant downtime for other users.
@IsaacKing I'm resolving this market N/A so as not to incentivize anyone to try this. And whenever the API is released, I'd be happy to test the attacks only to help strengthen the vulnerabilities in the API structure, not to cause harm to infrastructure or users