Topic: Developed By DokaGroup Laboratory Open Redirect Vuln
KingSkrupellos
Comment: #1
Developed By DokaGroup Laboratory Open Redirect Vuln
29.06.2018 05:49
#################################################################################################

# Exploit Title : Developed By the DokaGroup Laboratory 2008-2011 Belarus Open Redirection Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 30/06/2018
# Vendor Homepage : doka.com
# Tested On : Windows
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-601 [ URL Redirection to Untrusted Site ('Open Redirect') ]

#################################################################################################

# Description for the Vulnerability :

URL Redirection to Untrusted Site ('Open Redirect')
A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect.
This simplifies phishing attacks. An HTTP parameter may contain a URL value and could cause the web application to redirect the request to the specified URL.
By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.
Because the server name in the modified link is identical to the original site, phishing attempts have a more trustworthy appearance.
Phishing is a general term for deceptive attempts to coerce private information from users that will be used for identity theft.

# Google Dork : intext:''разработан лабораторией DokaGroup, 2008-2011''

# Exploit : /website?ref=

# Example : LocalHost/website?ref=https://www.DESIREDDOMAINADDRESS.gov

#################################################################################################

# Example Site => niti.by/website?ref= => [ Proof of Concept ] => archive.is/ry50p

#################################################################################################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

#################################################################################################

# Cyberizm Digital Security Technological Turkish Moslem Army #
# There is an organ in the human body. If it is sound, the whole body is sound;
if it is corrupted, the whole body is corrupted. Take heed! It is the heart.
[ Prophet Muhammad (peace be upon him) ] #
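
Added example, not part of the original post and not the vendor's code: one way a handler for a redirect parameter such as `ref` can validate the target before issuing the redirect (the CWE-601 mitigation). The function name, the allow-list hosts and the sample inputs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: external hosts the application intentionally redirects to (constructed).
ALLOWED_HOSTS = {"www.example.org", "example.org"}
FALLBACK = "/"  # where to send the user when the target is rejected


def safe_redirect_target(ref, allowed_hosts=ALLOWED_HOSTS, fallback=FALLBACK):
    """Return ref if it is a local path or an allow-listed https URL, else fallback."""
    if not ref or ref != ref.strip():
        return fallback
    # Browsers treat "\" like "/" and drop control characters, so reject both.
    if any(c == "\\" or ord(c) < 0x20 or ord(c) == 0x7F for c in ref):
        return fallback
    try:
        parts = urlsplit(ref)
    except ValueError:  # malformed authority, e.g. an unclosed IPv6 bracket
        return fallback
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept only a path rooted at a single "/".
        if ref.startswith("/") and not ref.startswith("//"):
            return ref
        return fallback
    # Absolute URL: https only, no userinfo, exact host match on the allow-list.
    if parts.scheme.lower() != "https":
        return fallback
    if parts.username is not None or parts.password is not None:
        return fallback
    host = parts.hostname
    if host is None or host.lower() not in allowed_hosts:
        return fallback
    return ref


if __name__ == "__main__":
    # Constructed sample values for the ref parameter.
    samples = [
        "/account/settings?tab=1",
        "https://www.example.org/welcome",
        "https://www.DESIREDDOMAINADDRESS.gov",
        "//other.example/login",
        "https://www.example.org@other.example/",
        "https://www.example.org.other.example/",
        "https:other.example",
    ]
    for s in samples:
        print(f"{s!r:45} -> {safe_redirect_target(s)!r}")
```

Exact host matching is deliberate: suffix or substring checks accept look-alike hosts such as `www.example.org.other.example`.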