OWASP Security Shepherd Project - Unvalidated Redirects and Forwards Lesson

What is the Unvalidated Redirects and Forwards Vulnerability/Threat?

    Unvalidated redirects and forwards occur in applications that redirect or forward their users to a target specified by an unvalidated parameter. An unvalidated parameter that normally redirects a user to a safe location can be abused by an attacker to trick victims into visiting phishing pages or even into having malware installed on their machines.
    This attack takes advantage of a user's trust in an application. A victim is more likely to click on a link from a site they trust than on one they have never seen before.
    These attacks can also be used to bypass access control schemes. This happens when a page that a user would not normally have access to, such as an administrator page, is included in an unvalidated redirect.

Lesson

    In this lesson, we want to trick the administrator into granting us the LessonComplete mark by redirecting him from a user URL to the admin URL. The admin endpoint has a security check on the Referer HTTP header, so if we can redirect the admin from a user URL to the admin URL, the correct domain will appear in the Referer header.
    Let's try to combine the unvalidated redirect: https://192.168.56.103/user/redirect?to= with the URL that grants the LessonComplete mark: https://192.168.56.103/root/grantComplete/unvalidatedredirectlesson?userid= and our temporary ID: 447158788.
    That is, we input https://192.168.56.103/user/redirect?to=https://192.168.56.103/root/grantComplete/unvalidatedredirectlesson?userid=447158788 to see if we can pass the lesson.
    Great! This completes our lesson.
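As an added example (not code from the Security Shepherd project or from this post), here is how the /user/redirect?to= endpoint could validate its parameter so that the admin-only /root/ path used above is never reachable through it; the allowlist of user-area paths and the /index.jsp fallback are assumptions made for this example, and the Referer check on the admin endpoint is no substitute for checking the session's role.

```python
import posixpath
from urllib.parse import unquote, urlsplit

# Assumed allowlist for this example: path prefixes a user-facing redirect may land on.
ALLOWED_PREFIXES = ("/user", "/lessons", "/index.jsp")
ADMIN_PREFIX = "/root"          # the grantComplete endpoint lives under here
DEFAULT_TARGET = "/index.jsp"   # assumed safe landing page when validation fails


def _under(path: str, prefix: str) -> bool:
    """True if `path` is exactly `prefix` or a descendant of it."""
    return path == prefix or path.startswith(prefix + "/")


def safe_redirect_target(to: str, default: str = DEFAULT_TARGET) -> str:
    """Return a safe local path for the `to` parameter, or `default`.

    Rejects absolute URLs (any scheme or host, including the app's own host),
    protocol-relative '//host' values, backslash variants, path traversal,
    and anything outside the allowlist, so a redirect can never be chained
    into /root/... the way the lesson above does.
    """
    if not to:
        return default
    candidate = unquote(to)        # defensive extra decode, e.g. %2F%2F -> //
    if "\\" in candidate:          # some browsers treat '\' as '/'
        return default
    parts = urlsplit(candidate)
    if parts.scheme or parts.netloc or candidate.startswith("//"):
        return default             # external or same-host absolute URL
    path = posixpath.normpath(parts.path)   # collapses /user/../root -> /root
    if not path.startswith("/"):
        return default
    if _under(path, ADMIN_PREFIX):
        return default
    if not any(_under(path, p) for p in ALLOWED_PREFIXES):
        return default
    return path + ("?" + parts.query if parts.query else "")
```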

