[+] Exploit Title ; Famo Go Script Unvalidated Redirect and Forwards Vulnerability
[+] Date : 2018-01-21
[+] Author : 0P3N3R From IRANIAN ETHICAL HACKERS
[+] Vendor Homepage : https://famo.ir
[+] Dork : N/A
[+] Version :
[+] Tested On : windows 10 - kali linux 2.0
[+] Contact : https://telegram.me/WebServer
[+] Poc :
[*] http://localhost/index.php?url=http://irethicalhackers.com/forums
[*] The hacker can change this link !
[+] Exploitation Technique:
[!] remote
[+] Severity Level:
[!] Medium
[+] Vulnerable source :
<?php
error_reporting(7);
if(isset($_REQUEST['url'])) {
$go = "go.php?url=".$_REQUEST['url'];
} else {
$go = "go.php";
}
?>
[+] We Are :
[!] 0P3N3R [+] Mehrdad_Ice [+] BaxTurk24