Open/ Unvalidated Redirect Vulnerability
Open Redirect (also called Unvalidated Redirects and Forwards) is a vulnerability in web applications where a page takes a redirect target from user-controlled input and sends the browser there without checking it. By exploiting it, an attacker can redirect users of the web page to any external link or website, which may be malicious or a phishing page.
Developers often pay little attention to this vulnerability because it has no direct impact on the web application itself, but it is a matter of the website's reputation: the domain name in the URL is the main thing users rely on to decide whether a website is legitimate or malicious, and an attacker exploits that trust to take advantage of their victims. Enough for the introduction; now I'm going to show you how to test for and exploit an open redirect vulnerability.
For testing unvalidated redirects and forwards, I use Mutillidae from Metasploitable 2 (a deliberately vulnerable web application) and Burp Suite as the intercepting proxy.
How To Test & Exploit Open/Unvalidated Redirect Vulnerability
First, open your browser and point it at Burp Suite as its proxy.
Now I'm going to open the vulnerable web application.
Note: In my example it is http://192.168.1.28/mutillidae/index.php
Now I visit this link http://192.168.1.28/mutillidae/index.php?page=credits.php
On this page I've seen many outside links that use the GET method and pass the target in the forwardurl parameter.
I click on the Adrian Crenshaw link and intercept the request in Burp.
Look at the request line: GET /Mutillidae/index.php?page=redirectandlog.php&forwardurl=http://www.irongeek.com/ HTTP/1.1
Change it to GET /Mutillidae/index.php?page=redirectandlog.php&forwardurl=https://www.appinindore.com/ HTTP/1.1 and click Forward. The application redirects the browser to the substituted address without validating it.
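The fix on the server side is to treat forwardurl as untrusted and only follow it when it is a same-site path or points at a host on an allowlist. The following is an added example, not code from the post or from Mutillidae: it extracts forwardurl from a captured request line like the one above and checks it against a constructed allowlist (www.irongeek.com is assumed here to be the one legitimate credits link; the default target path is also an assumption). It also covers the usual bypass shapes, namely protocol-relative `//host`, backslash variants, `user@host` userinfo, and non-HTTP schemes.

```python
from typing import Optional
from urllib.parse import parse_qs, urlsplit

# Constructed allowlist: hosts the application is willing to forward users to.
ALLOWED_HOSTS = {"www.irongeek.com"}
# Assumed landing page used when the requested target is rejected.
DEFAULT_TARGET = "/mutillidae/index.php"


def is_safe_redirect(target: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """True only for a same-site absolute path or an http(s) URL whose host is allowlisted."""
    if not target or any(c in target for c in "\t\r\n\x00"):
        return False
    # Browsers treat a backslash like a slash, so "/\evil" is really "//evil"
    # (protocol-relative, i.e. a different host). Normalise before parsing.
    candidate = target.replace("\\", "/")
    parts = urlsplit(candidate)
    if not parts.scheme and not parts.netloc:
        # Relative target: a single leading slash keeps the user on this site.
        return candidate.startswith("/") and not candidate.startswith("//")
    if parts.scheme not in ("http", "https"):
        # Rejects javascript:, data:, and protocol-relative "//host" (empty scheme).
        return False
    host = parts.hostname
    # "https://www.irongeek.com@evil.example/" parses with username set and
    # host evil.example; refuse any userinfo rather than reason about it.
    if host is None or parts.username is not None or parts.password is not None:
        return False
    return host in allowed_hosts


def choose_redirect(target: str, allowed_hosts=ALLOWED_HOSTS,
                    default: str = DEFAULT_TARGET) -> str:
    """Return the requested target if safe, otherwise the default landing page."""
    return target if is_safe_redirect(target, allowed_hosts) else default


def forward_target_from_request_line(request_line: str) -> Optional[str]:
    """Pull forwardurl out of a raw HTTP request line as captured in Burp."""
    _method, path, _version = request_line.split(" ", 2)
    return parse_qs(urlsplit(path).query).get("forwardurl", [None])[0]
```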