
Unvalidated Redirects and Forwards

Posted by Deepanker Verma Monday, July 9, 2012
Redirection is a common process in web applications. Most of the time it is used when logging a user in or out. But an unvalidated redirect can cause big trouble and can help attackers exploit the application.

Unvalidated URL redirection and forwarding can be found at many places in a website, so a webmaster must check every redirection the site performs.

What are Unvalidated Redirects and Forwards?
If a website has places where it forwards or redirects users elsewhere, this redirection can be used to send users to malicious websites that can harm them. This redirection can also be used to steal users' login credentials.
Simple websites may not see this as harmful, but popular websites, and especially online shopping portals, must take care of this, because it can really affect their business and ruin their name.
Suppose there is a shopping website which redirects users to a search page when a user searches from the search box.
The URL looks like this:
http://www.onlineshop.com/search?q=galaxy&type=search&cat=phone&url=search.php

Here we can see the search page search.php, and the user is being redirected to that page via the url query parameter.

If this redirection is not validated properly, an attacker can exploit it like this:
http://www.onlineshop.com/search?q=galaxy&type=search&cat=phone&url=http://www.attacker.com

If a user clicks on this link, he will be redirected to http://www.attacker.com, which can be a fake website or a phishing website.

This attack is not complicated, and the attacker only needs to find a place where redirection happens. If he finds such a link, he will try to exploit it by changing the redirection URL.

How to protect a website?
If you want to protect your website from this attack, you must follow these steps in the same order.
  • Avoid redirects and forwards within the website.
  • Avoid redirects and forwards to other domains.
  • Do not take the redirection target from the user.
  • Use a white list of allowed URLs or a black list of disallowed URLs.
  • Use URL mapping if you allow the user to select the destination.
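As an added example (not code from the original post), here is how the last two protections look in a Python backend for the shop above: a URL mapping that turns a user-chosen key into a fixed destination, and a validator that only lets a url parameter through when it resolves to the shop's own origin. The origin https://www.onlineshop.com and the mapping keys are assumed for the example.

```python
from urllib.parse import urljoin, urlparse

# Constructed for this example: the only origin the shop may redirect to.
SHOP_ORIGIN = "https://www.onlineshop.com"

# URL mapping: the user submits a short key, never a URL, and the server
# looks up the real destination. Unknown keys fall back to the home page.
DESTINATIONS = {
    "search": "/search.php",
    "cart": "/cart.php",
    "account": "/account/profile.php",
}


def mapped_target(key: str) -> str:
    """Resolve a user-chosen destination key against the fixed mapping."""
    return SHOP_ORIGIN + DESTINATIONS.get(key, "/")


def safe_redirect_target(user_value: str, default: str = "/") -> str:
    """Return an absolute URL on SHOP_ORIGIN, or `default` if the value
    would send the browser anywhere else (another host, another scheme,
    a protocol-relative '//host', 'javascript:' and similar)."""
    if not user_value or any(ord(c) <= 0x20 for c in user_value):
        return default  # empty, or contains whitespace/control characters
    # Some browsers treat backslashes as slashes; normalise before parsing
    # so '/\\attacker.com' is seen as the network-path '//attacker.com'.
    candidate = user_value.replace("\\", "/")
    # Resolve relative to our own origin, the way a browser would.
    resolved = urljoin(SHOP_ORIGIN + "/", candidate)
    got, want = urlparse(resolved), urlparse(SHOP_ORIGIN)
    # netloc (not hostname) is compared, so 'ourhost@attacker.com' fails too.
    if got.scheme != want.scheme or got.netloc.lower() != want.netloc.lower():
        return default
    # Hand back the resolved absolute URL, not the raw input, so an odd
    # spelling that parsed as same-origin here is not reinterpreted later.
    return resolved
```

Both functions return the final Location value the application should send; the raw query parameter is never echoed into the redirect.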
