We can Consider this vulnerabilty as anyone who can trick your users into submitting a request to your website. Any website or other HTML feed that your users use could do this. Attacker links to unvalidated redirect and tricks victims into clicking it. Victims are more likely to click on it, since the link is to a valid site. Attacker targets unsafe forward to bypass security checks.
Applications frequently redirect users to other pages, or use internal forwards in a similar manner. Sometimes the target page is specified in an unvalidated parameter, allowing attackers to choose the destination page.
Detecting unchecked redirects is easy. Look for redirects where you can set the full URL. Unchecked forwards are harder, because they target internal pages.
Ans:-
- A situation where a user can central which site you are redirected to by altering a user supplied parameter.
- In this, the redirect URL parameter is not validated & the user will be redirected to another site.
Ans:-
- If you can avoid using redirects based on user parameters, this is the best method to use.
- If you must use redirects, avoid using any user-supplied data to determine the redirect.
- Create a Function to Verify the Target URL & Verify that the user does in fact need to be redirected.
DEMO - Comming Soon!
Twitter / Hack The Box / CTF Team / Teck_N00bs Community Telegram
Comments