Archive.is Open Redirect Vulnerability

Published
Credit
Risk
2016.10.04
Zaphkiel & RicoDiaZ
Low
CWE
CVE
Local
Remote
N/A
N/A
No
Yes

# Exploit Title: Archive.is Open Redirect Vulnerability
# Date: 4.10.2016
# Exploit Author: Zaphkiel RicoDiaZ
# Tested on: https://archive.is/o/mshvr/russianelectricmanager.comli.com

Subscribe:
1) Create a Website ( Html ) www.example.com
2)Add this code
<a href="https://www.redirectingtothissite.com">Link</a>

to in Step1 site.

3) Save your www.example.com to archive.is

4) Click your "Link" ( Href Coded Link ) in your www.example.com site in archive.is

5) When you click, Archive.is redirecting you to this website. When you are redirecting, Copy the link.

Now this link is a Open Redirect.


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com