GET
https://example.com/api/user/12345/address
- Guess other IDs
- Check if it can be decoded in CyberChef
- Brute with BurpSuite Intruder
POST / PUT
PUT https://example.com/api/user/profile HTTP/1.1

{
  "id": 12345,
  "password": "hacked"
}
Response: {"success":true}
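The server-side view of the PUT request above, as an added example that is not part of the original notes: a handler that trusts the body's "id" next to one that takes the target from the authenticated session and logs mismatches. The handler names, the in-memory store, the second user 67890 and the audit list are assumptions made for illustration.

```python
# Added example: constructed in-memory store and hypothetical handlers.
USERS = {12345: {"password": "old-a"}, 67890: {"password": "old-b"}}  # constructed sample data
ALLOWED_FIELDS = {"password"}  # fields a user may change on their own profile


def put_profile_vulnerable(session_user_id, body, users):
    """Trusts the client-supplied "id", so any logged-in user can edit any record."""
    target = users.get(body.get("id"))
    if target is None:
        return 404, {"success": False}
    target.update({k: v for k, v in body.items() if k != "id"})
    return 200, {"success": True}


def put_profile_hardened(session_user_id, body, users, audit):
    """Takes the target from the authenticated session and rejects a mismatched "id"."""
    if session_user_id not in users:
        return 401, {"success": False}
    claimed = body.get("id", session_user_id)
    if claimed != session_user_id:
        # Record the mismatch so detection can alert on repeated attempts.
        audit.append({"event": "idor_attempt", "actor": session_user_id, "target": claimed})
        return 403, {"success": False}
    if set(body) - ALLOWED_FIELDS - {"id"}:
        return 400, {"success": False}  # refuse fields outside the allow-list
    users[session_user_id].update({k: body[k] for k in ALLOWED_FIELDS if k in body})
    return 200, {"success": True}


def demo():
    """Replay the request from the notes as user 67890 against both handlers."""
    body = {"id": 12345, "password": "hacked"}
    weak = {uid: dict(rec) for uid, rec in USERS.items()}
    strong = {uid: dict(rec) for uid, rec in USERS.items()}
    audit = []
    weak_status, _ = put_profile_vulnerable(67890, body, weak)
    strong_status, _ = put_profile_hardened(67890, body, strong, audit)
    return weak_status, weak[12345]["password"], strong_status, strong[12345]["password"], audit


if __name__ == "__main__":
    print(demo())
```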
Leaked UUIDs
<img src="/assets/profile_picture/uuid/avatar.png">