| (12 intermediate revisions by 4 users not shown) |
| Line 1: |
Line 1: |
| − | ==Overview==
| + | #REDIRECT [[Unvalidated_Redirects_and_Forwards_Cheat_Sheet]] |
| − | | |
| − | An open redirect is an application that takes a parameter and redirects a user to the parameter value without any validation. This vulnerability is used in phishing attacks to get users to visit malicious sites without realizing it.
| |
| − | | |
| − | {{Template:Stub}}
| |
| − | | |
| − | ==Consequences ==
| |
| − | | |
| − | [[Phishing]] | |
| − | | |
| − | ==Exposure period ==
| |
| − | | |
| − | ==Platform ==
| |
| − | All web platforms affected
| |
| − | | |
| − | ==Required resources ==
| |
| − | | |
| − | ==Severity ==
| |
| − | | |
| − | | |
| − | ==Likelihood of exploit ==
| |
| − | | |
| − | | |
| − | ==Avoidance and mitigation ==
| |
| − | To avoid the open redirect vulnerability parameters of the application script/program must be validated before sending 302 HTTP code (redirect) to the client browser.
| |
| − | | |
| − | The server must have a relation of the authorized redirections (i.e. in a database)
| |
| − | | |
| − | ==Discussion ==
| |
| − | | |
| − | | |
| − | ==Examples ==
| |
| − | | |
| − | http://www.vulnerable.com?redirect=http://www.attacker.com
| |
| − | | |
| − | The phishing use can be more complex, using complex encoding:
| |
| − | | |
| − | Real redirect: http://www.vulnerable.com/redirect.asp?=http://www.links.com
| |
| − | | |
| − | Facked link: http://www.vulnerable.com/security/advisory/23423487829/../../../redirect.asp%3F%3Dhttp%3A//www.facked.com/advisory/system_failure/password_recovery_system
| |
| − | | |
| − | ==Related problems ==
| |
| − | | |
| − | * [[Open forward]]
| |
| − | | |
| − | [[Category:Vulnerability]]
| |
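Review bot: the replacement is a bare #REDIRECT, so the only defensive guidance this page carried (lines 41 and 44 of the removed text: validate the redirect parameter before issuing the 302, and keep the set of authorised destinations server-side, e.g. in a database) disappears with it; before merging, confirm that Unvalidated_Redirects_and_Forwards_Cheat_Sheet states the same allowlist rule and also covers the case the removed "Facked link" example illustrates, where the target is hidden behind a relative-path segment and percent-encoding (`%3F%3D`), since an allowlist check applied to the raw, undecoded parameter would not catch it; the target page should match against the decoded and canonicalised destination. Minor points in the removed text that should not be carried over to the cheat sheet as-is: "Facked" is a typo for "Faked", and the second example uses `redirect.asp?=` with an empty parameter name while the first uses `redirect=`, so the two are inconsistent.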