Kev Posted September 14, 2021

Hi,

How did they do a redirect from this link

aHR0cHM6Ly9teWZvb2RpZXMuY29tL3JlY2lwZXByaW50LnBocD9saW5rPWh0dHA6Ly9lc2NvcnQtc2VydmljZS1sb25kb24uY28udWs= (b64, UTF-8)

without access to the main site?

Hint: .com/recipeprint.php?link=http://site.com
yoyois Posted September 14, 2021

What redirect are you talking about? There is a vulnerability there in which the site makes a request to the link supplied by the user. The response is put into the page, with a mini-script appended that calls window.print() and setTimeout(winclose, 5000).

It's a nasty vulnerability (CSRF, XSS, DOS, etc.)

Hint: instead of site.com put "https://www.hashemian.com/whoami/" and see what IP it gives you.
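
One way to close the hole described in the post above, as an added example that is not part of the thread or the site's own code: validate the `link` parameter against an allowlist before the server fetches anything. The host names and the `check_link` / `is_allowed` functions are assumptions made up for illustration, and Python is used here rather than the site's PHP.

```python
from urllib.parse import urlsplit, urlunsplit

# Assumption: the print view only needs pages from the site's own hosts.
# These names are constructed placeholders, not taken from the thread.
ALLOWED_HOSTS = {"recipes.example", "www.recipes.example"}
ALLOWED_PORTS = {None, 80, 443}


def check_link(link: str) -> str:
    """Return the URL to fetch, rebuilt from validated parts, or raise ValueError."""
    parts = urlsplit(link.strip())
    if parts.scheme not in ("http", "https"):
        raise ValueError("scheme not allowed")
    if parts.username is not None or parts.password is not None:
        # http://recipes.example@other.example/ really targets other.example
        raise ValueError("userinfo not allowed")
    host = (parts.hostname or "").rstrip(".")  # hostname is already lowercased
    if host not in ALLOWED_HOSTS:
        raise ValueError("host not on allowlist")
    port = parts.port  # raises ValueError itself on a malformed port
    if port not in ALLOWED_PORTS:
        raise ValueError("port not allowed")
    netloc = host if port is None else f"{host}:{port}"
    # Fetch exactly what was validated; the fragment is dropped.
    return urlunsplit((parts.scheme, netloc, parts.path, parts.query, ""))


def is_allowed(link: str) -> bool:
    """Boolean wrapper for callers that only need a yes/no answer."""
    try:
        check_link(link)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample values for the `link` parameter.
    samples = [
        "https://recipes.example/recipe/42?print=1",
        "https://www.hashemian.com/whoami/",
        "http://recipes.example@other.example/",
        "https://recipes.example:8080/",
    ]
    for sample in samples:
        print(f"{sample!r:50} -> {'fetch' if is_allowed(sample) else 'reject'}")
```

The HTTP client that performs the fetch should also refuse redirects, otherwise an allowed page could bounce the request to a host the check never saw.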
Kev Posted September 14, 2021 (Author)

Done

Edited September 15, 2021 by Kev