Member-only story
How I Found The open redirect vulnerability?
Hi everyone, i am back with another writeup. its simple
to find but where to look for this vulnerability is matter.
lets name it as https://:abc.example.com
it has login functionality. so i was tested login page
for other vulnerabilities like……
authentication bypass
OTP bypass
sql injection on login parameters
but no use its secure. Then i remembered my old writeup regarding
open redirect on 404 not found page and login page.
“https://medium.com/@doordiefordream/how-i-found-open-redirect-using-virus-total-460d721b9596”
so started testing, the login page url looks like:
so i added open redirect parameter to above url
https://abc.example.com/login?returnTo=https://evil.com
then i was entered the login details and click on submit
boom,its redirected to evil.com.
then i was reported. its valid but i got duplicate ☹.
recent times i was getting more duplicates.
when i writing this writeup. my email alert me “you got another duplicate”
but its painful when we get duplicate…but still feel ☺ happy.