Onion Search Engine Unvalidated Redirect and Forwards Vulnerability

2019.04.18
Risk: Low
Local: Yes
Remote: No
CVE: N/A
CWE: N/A

[+] Exploit Title ; Onion Search Engine Unvalidated Redirect and Forwards Vulnerability [+] Date : 2019-04-18 [+] Author : 0P3N3R From IRANIAN ETHICAL HACKERS [+] Vendor Homepage : http://5u56fjmxu63xcmbk.onion [+] Dork : N/A [+] Version : N/A [+] Tested On : windows 10 - kali linux 2.0 [+] Contact : https://telegram.me/WebServer [+] Description : [!] Onion Search Engine searches hidden services on the Tor network. [!] What is Unvalidated Redirect and Forwards ? Unvalidated redirects and forwards are possible when a web application accepts untrusted input that could cause the web application to redirect the request to a URL contained within untrusted input. By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. Because the server name in the modified link is identical to the original site, phishing attempts may have a more trustworthy appearance. Unvalidated redirect and forward attacks can also be used to maliciously craft a URL that would pass the application’s access control check and then forward the attacker to privileged functions that they would normally not be able to access. [+] Poc : [+] hacker can edit the url and replace its malicious link [+] The user trusts the haystak and goes to the hacker link [!] Vulnerable Link : [*] http://5u56fjmxu63xcmbk.onion/url.php?u=Your Link Here [!] For Ex (We Edit This Link): [*] http://haystakvxad7wbk5.onion/redir.php?url=http://google.com [+] Now You redirected to the Google Website [+] Exploitation Technique: [!] remote [+] Severity Level: [!] Low [+] Request Method : [!] GET [+] Vulnerable files : [!] url.php [+] Patch : [!] Restrict user input or replace bad characters [+] We Are : [+] 0P3N3R [+]


Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top