# Exploit Title: Web Wallet Elrond - Open Redirect Vulnerability
# Date: 2022-04-11
# Google Dork: -
# Exploit Author: Mohsen Dehghani (aka 0xProfessional)
# Contact: 0xProfessional@protonmail.com
# Vendor Homepage: https://wallet.elrond.com
# Software Link: https://wallet.elrond.com
# Version: -
# Tested on: Linux
# CVE : -
###########################################################################
#Vulnerability Description:
An open redirect vulnerability occurs when an application allows a user to control a redirect or forward to another URL.
If the application does not validate this untrusted input, an attacker can supply a URL that sends an unsuspecting victim from the legitimate domain to one the attacker controls,
where malicious code or software can be delivered to the user.
#Reproduce steps:
1) Open: https://wallet.elrond.com/hook/login?callbackUrl=
2) Put an untrusted domain or malicious URL after the callbackUrl= parameter
3) Visit the URL
4) Log in
5) Boom! You are redirected to the untrusted domain or malicious URL!
#PoC:
https://wallet.elrond.com/hook/login?callbackUrl=https://attacker.com
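The usual fix for this class of bug is to validate the callbackUrl against the application's own origin before issuing the redirect. The following is an added example written for this advisory, not code from the Elrond wallet: it assumes the trusted origin is https://wallet.elrond.com and that "/" is an acceptable fallback landing page, and it shows the PoC URL above being rejected while a same-origin path is accepted.

```javascript
// Added example (not from the advisory or the vendor): allowlist-based
// validation of a login callbackUrl parameter, the standard open-redirect fix.
// TRUSTED_ORIGIN and DEFAULT_CALLBACK are assumptions made for this example.
const TRUSTED_ORIGIN = "https://wallet.elrond.com"; // assumed: the wallet's own origin
const DEFAULT_CALLBACK = "/";                        // assumed: safe landing page

/**
 * Resolve a user-supplied callbackUrl and return a redirect target that is
 * guaranteed to stay on TRUSTED_ORIGIN. Any other input falls back to
 * DEFAULT_CALLBACK instead of being redirected to.
 */
function safeCallbackUrl(rawCallbackUrl) {
  if (typeof rawCallbackUrl !== "string" || rawCallbackUrl.length === 0) {
    return DEFAULT_CALLBACK;
  }
  let parsed;
  try {
    // Resolving against TRUSTED_ORIGIN turns a relative path into an absolute
    // URL on our own origin; an absolute URL keeps whatever origin it carries,
    // which is exactly what the origin check below inspects.
    parsed = new URL(rawCallbackUrl, TRUSTED_ORIGIN);
  } catch (e) {
    return DEFAULT_CALLBACK; // unparseable input is never a valid callback
  }
  // Compare the full origin (scheme + host + port) rather than a substring of
  // the host, so look-alike hosts and scheme-relative URLs do not pass.
  if (parsed.origin !== TRUSTED_ORIGIN) {
    return DEFAULT_CALLBACK;
  }
  // Return a path-relative target so the Location header can never leave the site.
  return parsed.pathname + parsed.search + parsed.hash;
}

// Sample inputs (constructed for this example) and what the validator does with them.
const samples = [
  "/dashboard",                                 // relative path: allowed as-is
  "https://wallet.elrond.com/dashboard?tab=1",  // same origin: allowed, reduced to a path
  "https://attacker.com",                       // the PoC value above: rejected
  "//attacker.com/phish",                       // scheme-relative URL: rejected
  "https://wallet.elrond.com.attacker.com/",    // look-alike host: rejected
  "javascript:alert(1)",                        // non-http scheme: rejected
];
for (const s of samples) {
  console.log(`${s} -> ${safeCallbackUrl(s)}`);
}
```

The design choice worth noting is that the function never returns the raw input: it either returns a path on the trusted origin or the fallback, so the redirect handler cannot be tricked by parser-specific quirks in how a host string is written. Logging rejected values (the `else` branch of the origin check) also gives the SOC a cheap detection signal for phishing campaigns that abuse the login flow.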