Web Wallet Elrond - Open Redirect Vulnerability

2022.06.07

0xProfessional (IR)

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

# Exploit Title: Web Wallet Elrond - Open Redirect Vulnerability
# Date: 2022-04-11
# Google Dork: -
# Exploit Author: Mohsen Dehghani (aka 0xProfessional)
# Contact to me : 0xProfessional@protonmail.com
# Vendor Homepage:  https://wallet.elrond.com
# Software Link:  https://wallet.elrond.com
# Version: -
# Tested on: Linux
# CVE : -
###########################################################################
#Vulnerability Description:
An open redirect vulnerability occurs when an application allows a user to control a redirect or forward to another URL.
If the app does not validate untrusted user input, an attacker could supply a URL that redirects an unsuspecting victim from a legitimate domain
or inject malicious code & software to user.

#Reproduce steps:

1) Edit :https://wallet.elrond.com/hook/login?callbackUrl=
2) Put untrusted domain or malicious url after #callbakUrl= parameter
3) Visit url
4) Login
5) Bom ! you redirected to untrusted domain or malicious url!



#PoC:
https://wallet.elrond.com/hook/login?callbackUrl=https://attacker.com

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Web Wallet Elrond - Open Redirect Vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.