Open Redirect Vulnerability

VISHNU VARDHAN
1 min readMay 25, 2021

--

Open Redirect is a vulnerability in which the attacker manipulates a web page to redirect the users to unknown destinations.

An open redirect occours in the url through parameter value that can be tampered and set to attackers website .

Example :

https://google.com/r/?url=https://bing.com

But why we need use of the redirection ??

As it tends out of a web application of in requires these redirections in all over the place .

1.LOGIN
2.REGISTER
3.CHECK OUT
4.CREATE
5.PASSWORD RESET

Types of Open Redirect :

  1. Reflected : The redirection is based on a parameter value set through the URL.

2. Stored : The redirection function or a script is stored on the web application through attackers input . If all the users visited that website it will redirect to the attacker’s web page .

3. Dom : It occurs when the application takes input and places it in a sink that redirects the user.

How to find for open redirects

We can Use Google dorks and search for URLs that contains common redirection parameters.

RESOURCES :

https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Open%20Redirect

DORKS :

/{payload}

?next=

?url=

?target=

?rurl=

?dest=

?destination=

?redir=

redirect_uri=

?redirect_url=

?redirect=

/redirect/

cgi-bin/redirect.cgi?{}

/out/

/out?

?view=

/login?to=

?image_url=

?go=

?return=

?returnTo=

?return_to=

?checkout_url=

Common parameters :

redirect, uri, path, continue, url, window, to, out, view, dir, show, navigation, Open, url, file, val, validate, domain, callback, return, page, feed, host, port, next, data, reference, site, htmlARAMETERS :

I would like to thank you for your attention :)

I wish everybody good luck in their future findings! :)

Happy Hacking :)

--

--