Kev Posted September 14, 2021 Report Share Posted September 14, 2021 Salut, Cum au facut redirect din acest link aHR0cHM6Ly9teWZvb2RpZXMuY29tL3JlY2lwZXByaW50LnBocD9saW5rPWh0dHA6Ly9lc2NvcnQtc2VydmljZS1sb25kb24uY28udWs= b64 UTF-8 Fara acces la site-ul principal? Hint: .com/recipeprint.php?link=http://site.com Quote Link to comment Share on other sites More sharing options...
yoyois Posted September 14, 2021 Report Share Posted September 14, 2021 De ce redirect vorbesti? Acolo e o vulnerabilitate in care site-ul face un request catre linkul dat de utilizator. Responsul e pus in pagina, appended cu un mini-script care face window.print() si setTimeout(winclose, 5000) E o vulnerabilitate nasoala (CSRF, XSS, DOS, etc.) Hint: in loc de site.com pune "https://www.hashemian.com/whoami/" si vezi ce ip iti da.. 1 Quote Link to comment Share on other sites More sharing options...
Kev Posted September 14, 2021 Author Report Share Posted September 14, 2021 (edited) Done Edited September 15, 2021 by Kev Quote Link to comment Share on other sites More sharing options...