This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Execution After Redirect (EAR)"
(Included link to CVE-2013-1402 Detail) |
|||
| Line 23: | Line 23: | ||
==References== | ==References== | ||
* [http://cs.ucsb.edu/~bboe/public/pubs/fear-the-ear-ccs2011.pdf Fear the EAR: Discovering and Mitigating Execution After Redirect Vulnerabilities] | * [http://cs.ucsb.edu/~bboe/public/pubs/fear-the-ear-ccs2011.pdf Fear the EAR: Discovering and Mitigating Execution After Redirect Vulnerabilities] | ||
| + | * [https://nvd.nist.gov/vuln/detail/CVE-2013-1402 CVE-2013-1402: DigiLIBE Management Console | Execution After Redirect (EAR) Vulnerability] | ||
[[Category:Exploitation of Authentication]] | [[Category:Exploitation of Authentication]] | ||
[[Category: Attack]] | [[Category: Attack]] | ||
Revision as of 20:17, 3 April 2017
This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.
- This is an Attack. To view all attacks, please see the Attack Category page.
Last revision (mm/dd/yy): 04/3/2017
Overview
Execution After Redirect (EAR) is an attack where an attacker ignores redirects and retrieves sensitive content intended for authenticated users. A successful EAR exploit can lead to complete compromise of the application.
How to Test for EAR Vulnerabilities
Using most proxies it is possible to ignore redirects and display what is returned. In this test we use Burp Proxy.
- Intercept request https://vulnerablehost.com/managment_console
- Send to repeater.
- View response.
How to Prevent EAR Vulnerabilities
Proper termination should be performed after redirects. In a function a return should be performed. In other instances functions such as die() should be performed. This will tell the application to terminate regardless of if the page is redirected or not.
