Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Pages: Previous1234567891011Next
Current Page: 2 of 11
Re: So it begins - Redirects Edition
Posted by: rsnake
Date: September 21, 2006 10:29PM

Ah, crap... sorry, yah, I'm exhausted, I guess it shows. Whoops.

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: maluc
Date: September 22, 2006 05:25PM

http://web.tickle.com/rd/42805/http://www.aloha.com/~darkwatr/tkl01.htm

-maluc

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: maluc
Date: September 22, 2006 06:11PM

..because i was bored...

Hop Aboard The InterTubes Train:
http://www.att.net/cgi-bin/redir?url=http://refer.ccbill.com/cgi-bin/clicks.cgi?CA=924891&HTML=http://web.tickle.com/rd/42805/http://www.tescofinance.com/personal/finance/entrypage_index.jsp?url=http://www.darkreading.com/reg_logout.asp?nexturl=http://www.internetaccessmonitor.com/bitrix/redirect.php?goto=http://transfer.go.com/cgi/transfer.dll?goto=http://www.sexocean.com/cgi-bin/tt.cgi?url=http://www.onlyteenstgp.com/cgi-bin/tt.cgi?url=http://www.easypic.com/cgi-bin/rb4/cout.cgi?url=http://www.pussy.org/cgi-bin/ucj/c.cgi?url=http://www.sexvalley.net/o.php?url=http://redirect.alexa.com/redirect?http://home.att.net/~cecw/lastpage.htm

-maluc

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: Kyran
Date: September 22, 2006 06:17PM

That was a rather boring train-ride.

- Kyran

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: WhiteAcid
Date: September 22, 2006 06:18PM

HAHAHAHA. too bad it doesn't really show to most users as it's done with HTTP codes as opposed to JS

Don't forget our IRC: irc://irc.irchighway.net/#slackers
-WhiteAcid - your friendly, very lazy, web developer

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: WhiteAcid
Date: September 22, 2006 06:27PM

http://pastebin.ca/180260 <-- had to be done

Edit: damnit. I missed off the last part, oh well. I'm not doing that again.

Don't forget our IRC: irc://irc.irchighway.net/#slackers
-WhiteAcid - your friendly, very lazy, web developer



Edited 1 time(s). Last edit at 09/22/2006 06:28PM by WhiteAcid.

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: maluc
Date: September 22, 2006 09:02PM

http://www.searchguild.com/redir/o.php?out=http://www.searchguild.com/redir/o.php?out=http://www.searchguild.com/redir/o.php?out=http://www.searchguild.com/redir/o.php?out=http://www.searchguild.com/redir/o.php?out=http://www.searchguild.com/redir/o.php?out=http://www.searchguild.com/redir/o.php?out=http://www.searchguild.com/redir/o.php?out=http://www.searchguild.com/redir/o.php?out=http://maluc.sitesled.com/noframe.html SEO forums? i guess the redirect is intentional

just need a simple framebreak to clean it up..

a useful googledork is inurl:redir .. as it's the typical name given for these redirects with frames .. the first several pages will show a dozen useable ones

-maluc

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: maluc
Date: September 23, 2006 09:20PM

http://origins.firstgov.gov/external/external.jsp?url=http://www.whitehouse.com

Hey, whitehouse.com isn't a porn site anymore :( .. i miss the Intern of the Month.

-maluc

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: WhiteAcid
Date: September 24, 2006 06:55PM

http://www.msblog.org/go.php?http://www.google.com
It wasn't hard to find (obviously), but I'm shocked that MS have something like this.

Don't forget our IRC: irc://irc.irchighway.net/#slackers
-WhiteAcid - your friendly, very lazy, web developer

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: rsnake
Date: September 24, 2006 09:10PM

Hmm... looks like that search guild URL is also vulnerable to XSS: http://www.searchguild.com/redir/o.php?out=http://www.google.com%22%3E<frame%20SRC=javascript:alert("XSS")></frameset>

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: maluc
Date: September 24, 2006 09:59PM

heh, ya i've come to notice that a few sites use filters for all their input.. but also have a redirect script, that doesnt whitelist links and doesn't filter - making it easy for XSS .. which was posted for comcast, and some cellphone site, in the other thread

i wouldn't be surprised if more than 50% of the redirects that leave a frame across the top like searchguild does.. are vulnerable to the same injections

ex: http://alexandriava.gov/link/redir.pxe?www.penisland.net%22%3E%3Cframe%20src=javascript:alert(%22XSS%22)%3E

-maluc

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: maluc
Date: September 24, 2006 10:34PM

http://www.dataplace.org/redir.html?url=http://www.penisland.net
http://www.inmetro.gov.br/redir.asp?url=http%3A%2F%2Fwww.penisland.net
http://econpapers.repec.org/scripts/redir.pl?u=http%3A%2F%2Fwww.penisland.net
http://www.freeml.com/servlet/redir?rd=http://penisland.net
http://www.topix.net/redir/loc=prss-myway/http=3A=2F=2Fpenisland.net <--accepts hex encoding with either %22 or =22 .. weird
http://www.mass.gov/portal/url-trx.jsp?MGTitle=&url=http://penisland.net

-maluc



Edited 2 time(s). Last edit at 09/25/2006 03:19AM by maluc.

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: rsnake
Date: September 25, 2006 11:47AM

Maluc... keep it up... one of the reasons I'm particular interested in 301 type redirects is because of HTTP response splitting. Keep up the good work!

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: rsnake
Date: September 26, 2006 12:03AM

http://webbguide.telia.se/redirect.jsp?rid=-1&type=FRONTWEB_INFO&url=http://whatever.com

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: maluc
Date: September 26, 2006 09:25PM

http://usa.visa.com/track/dyredir.jsp?rDirl=http%3A//www.fakecreditapswithgreatbenefits0apr.com/

if this isn't great for phishing, i don't know what is ..

-maluc

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: rsnake
Date: September 26, 2006 10:08PM

Wow, they fixed that one in a hurry! That was amazingly fast. 30 minutes or less? That's got to be a record for fixing a redirect hole.

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: maluc
Date: September 26, 2006 10:21PM

holy crap.. gotta hand it to visa for that one..

-maluc

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: maluc
Date: September 26, 2006 10:47PM

http://www.njtransit.com/redir.jsp?url=http%3A%2F%2Fwww.asdf.com
http://experiencewashington.com/redir.aspx?url=http%3A%2F%2Fwww.asdf.com
http://www.brasilecodiesel.com.br/links/index.php?redir=le&acai3_cod=314228&url=http%3A%2F%2Fwww.asdf.com
http://www.cibera.de/ibero/servlet/servlets.Redir/lang=de/domain=ibero?resid=4735&url=http%3A%2F%2Fwww.asdf.com
http://dw.com.com/redir?destUrl=http%3A%2F%2Fwww.asdf.com

-maluc

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: rsnake
Date: September 26, 2006 11:19PM

Google dork? inurl:redir

Have I found your technique? ;)

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: maluc
Date: September 27, 2006 12:35AM

lol yup .. and actually i like to throw in the inurl:gov for good measure .. i also like the inurl:%3A%2F%2F which is the :// part of http:// - as long as it's part of the query

google saves time.. for finding random ones. .gov .mil .org yield more interesting results.

-maluc

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: maluc
Date: September 27, 2006 03:15AM

http://www.chevron.com/links.asp?name=Homepage:%20BrandList:%20Texaco&category=Homepage%20Links&url=http://www.asdf.com/
http://www.chevrontexacocards.com/cccard/en/public/adview.asp?AdTarget=http://www.asdf.com&AdPage=texaco&AdType=25gc&AdName=2177 <--forces link to be https://

-maluc



Edited 1 time(s). Last edit at 09/27/2006 03:21AM by maluc.

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: maluc
Date: September 27, 2006 05:02AM

http://search.aol.com/aolcom/redir?src=PTL&clickedItemURN=http%3A%2F%2Fwww.asdf.com

-maluc

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: maluc
Date: September 27, 2006 03:51PM

http://www.lightreading.com/ad_redirect.asp?ad_version=2&ad_id=5116&ad_url=http%3A%2F%2Fwww%2Easdf%2Ecom%2F

-maluc



Edited 1 time(s). Last edit at 09/27/2006 03:52PM by maluc.

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: kirke
Date: September 27, 2006 04:56PM

http://www.dab-bank.com/dabip/DE/de/global/jsp/goExternal.jsp?baseURL=http%3A%2F%2Fwhatever.tld/

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: yawnmoth
Date: September 27, 2006 05:32PM

I'm a little currious - redirects such as these are supposed to increase pagerank, but couldn't Google just look at the $_GET parameters, realize it's a redirect, and subsequently ignore any links to $_GET['url'] or whatever in the document?

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: rsnake
Date: September 28, 2006 09:44AM

This doesn't help for pagerank... sorry if I mis-spoke somewhere... that's only HTML injection (and even that is up for debate if it's not persistant).

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: alf
Date: September 28, 2006 01:21PM

http://www.mediamarkt.de/redir/www.google.de

...

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: Ghozt
Date: September 28, 2006 01:33PM

http://us.ard.yahoo.com/*http://www.deathball.net/notpron/



Edited 1 time(s). Last edit at 09/28/2006 04:03PM by Ghozt.

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: alf
Date: September 29, 2006 09:26AM

@Ghozt:

" Forbidden

This link is not authorized by Yahoo! "

Some yahoo guys on this bb? :P

Options: ReplyQuote
Re: So it begins - Redirects Edition
Posted by: rsnake
Date: September 29, 2006 10:00AM

We have all kinds on this thread. In casual observation I've seen hits from almost every big company out there. There are lots of lurkers - which is totally okay. Frankly, I'd rather people read and learn than not read and not learn. :)

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Pages: Previous1234567891011Next
Current Page: 2 of 11


Sorry, only registered users may post in this forum.