VK Social Network Open Redirect- URL Redirector Abuse

2018.10.09
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

# Exploit Title : VK Social Network Open Redirect- URL Redirector Abuse # *Vendor*: www.vk.com # Author: Juan Carlos Garcia (NightSec) # Blog: http://hackingmadrid.blogspot.com # Facebook http://www.facebook.com/pages/ETHICAL-HACKING-Y-OL%C3%89-by-the-Face-WhiteHat/172393869485449?sk=app_190322544333196 PacketStorm:http://packetstormsecurity.com/files/120107/VK-Social-Network-Open-Redirect.html +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ BREIF DESCRIPTION ***** VK is a European social network service popular among Russian-speaking users around the world. It is especially popular in Russia, Ukraine, Kazakhstan, Moldova, Belarus, and Israel. VK is a Facebook clone, with several common features, such as university exclusiveness of a network during its early stages, similar color, and similar features and functionality. VK is able to hold the position, the main countries, and successfully move ahead in Europe and America, despite efforts of the American network. Like other social networks, VK allows users to message contacts publicly or privately, create groups, public pages and events, share and tag images, audio and video, and play browser-based games. ***** Open Redirect - URL Redirector Abuse PoC http://X.com/away.php?mt=8&to=http://hackingmadrid.blogspot.com http://XX.com/away.php?locale=ru_RU&to=http://google.com/search?q=Hackingmadrid http://XX.com/away.php?locale=ru_RU&to=http://google.com/search?q=Ethical Hacking y ole by the face http://XX.com/away.php?feature=share&post=193_594&to=http://www.hackingmadrid.blogspot.com http://XX.com/away.php?to=http://hackingmadrid.blogspot.com http://XXX.com/away.php?to=http://www.facebook.com/pages/ETHICAL-HACKING-Y-OL%C3%89-by-the-Face-WhiteHat/172393869485449?sk=app_190322544333196 http://XXX.com/away.php?mt=8&post=-43583105_11&to=http://www.owasp.org Procedure:Open de links given above ***** Give special thanks to all the people who follow me on Ethical Hacking and Ole by the Face .. Thanks guys *****


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top