Ah, crap... sorry, yah, I'm exhausted, I guess it shows. Whoops.

- RSnake
Gotta love it. http://ha.ckers.org

http://web.tickle.com/rd/42805/http://www.aloha.com/~darkwatr/tkl01.htm

-maluc

..because i was bored...

Hop Aboard The InterTubes Train:
http://www.att.net/cgi-bin/redir?url=http://refer.ccbill.com/cgi-bin/clicks.cgi?CA=924891&HTML=http://web.tickle.com/rd/42805/http://www.tescofinance.com/personal/finance/entrypage_index.jsp?url=http://www.darkreading.com/reg_logout.asp?nexturl=http://www.internetaccessmonitor.com/bitrix/redirect.php?goto=http://transfer.go.com/cgi/transfer.dll?goto=http://www.sexocean.com/cgi-bin/tt.cgi?url=http://www.onlyteenstgp.com/cgi-bin/tt.cgi?url=http://www.easypic.com/cgi-bin/rb4/cout.cgi?url=http://www.pussy.org/cgi-bin/ucj/c.cgi?url=http://www.sexvalley.net/o.php?url=http://redirect.alexa.com/redirect?http://home.att.net/~cecw/lastpage.htm

-maluc

That was a rather boring train-ride.

- Kyran

HAHAHAHA. too bad it doesn't really show to most users as it's done with HTTP codes as opposed to JS

Don't forget our IRC: irc://irc.irchighway.net/#slackers
-WhiteAcid - your friendly, very lazy, web developer

http://pastebin.ca/180260 <-- had to be done

Edit: damnit. I missed off the last part, oh well. I'm not doing that again.

Don't forget our IRC: irc://irc.irchighway.net/#slackers
-WhiteAcid - your friendly, very lazy, web developer



Edited 1 time(s). Last edit at 09/22/2006 06:28PM by WhiteAcid.

http://www.searchguild.com/redir/o.php?out=http://www.searchguild.com/redir/o.php?out=http://www.searchguild.com/redir/o.php?out=http://www.searchguild.com/redir/o.php?out=http://www.searchguild.com/redir/o.php?out=http://www.searchguild.com/redir/o.php?out=http://www.searchguild.com/redir/o.php?out=http://www.searchguild.com/redir/o.php?out=http://www.searchguild.com/redir/o.php?out=http://maluc.sitesled.com/noframe.html SEO forums? i guess the redirect is intentional

just need a simple framebreak to clean it up..

a useful googledork is inurl:redir .. as it's the typical name given for these redirects with frames .. the first several pages will show a dozen useable ones

-maluc

http://origins.firstgov.gov/external/external.jsp?url=http://www.whitehouse.com

Hey, whitehouse.com isn't a porn site anymore :( .. i miss the Intern of the Month.

-maluc

http://www.msblog.org/go.php?http://www.google.com
It wasn't hard to find (obviously), but I'm shocked that MS have something like this.

Don't forget our IRC: irc://irc.irchighway.net/#slackers
-WhiteAcid - your friendly, very lazy, web developer

Hmm... looks like that search guild URL is also vulnerable to XSS: http://www.searchguild.com/redir/o.php?out=http://www.google.com%22%3E<frame%20SRC=javascript:alert("XSS")></frameset>

- RSnake
Gotta love it. http://ha.ckers.org

heh, ya i've come to notice that a few sites use filters for all their input.. but also have a redirect script, that doesnt whitelist links and doesn't filter - making it easy for XSS .. which was posted for comcast, and some cellphone site, in the other thread

i wouldn't be surprised if more than 50% of the redirects that leave a frame across the top like searchguild does.. are vulnerable to the same injections

ex: http://alexandriava.gov/link/redir.pxe?www.penisland.net%22%3E%3Cframe%20src=javascript:alert(%22XSS%22)%3E

-maluc

http://www.dataplace.org/redir.html?url=http://www.penisland.net
http://www.inmetro.gov.br/redir.asp?url=http%3A%2F%2Fwww.penisland.net
http://econpapers.repec.org/scripts/redir.pl?u=http%3A%2F%2Fwww.penisland.net
http://www.freeml.com/servlet/redir?rd=http://penisland.net
http://www.topix.net/redir/loc=prss-myway/http=3A=2F=2Fpenisland.net <--accepts hex encoding with either %22 or =22 .. weird
http://www.mass.gov/portal/url-trx.jsp?MGTitle=&url=http://penisland.net

-maluc



Edited 2 time(s). Last edit at 09/25/2006 03:19AM by maluc.

Maluc... keep it up... one of the reasons I'm particular interested in 301 type redirects is because of HTTP response splitting. Keep up the good work!

- RSnake
Gotta love it. http://ha.ckers.org

http://webbguide.telia.se/redirect.jsp?rid=-1&type=FRONTWEB_INFO&url=http://whatever.com

- RSnake
Gotta love it. http://ha.ckers.org

http://usa.visa.com/track/dyredir.jsp?rDirl=http%3A//www.fakecreditapswithgreatbenefits0apr.com/

if this isn't great for phishing, i don't know what is ..

-maluc

Wow, they fixed that one in a hurry! That was amazingly fast. 30 minutes or less? That's got to be a record for fixing a redirect hole.

- RSnake
Gotta love it. http://ha.ckers.org

holy crap.. gotta hand it to visa for that one..

-maluc

http://www.njtransit.com/redir.jsp?url=http%3A%2F%2Fwww.asdf.com
http://experiencewashington.com/redir.aspx?url=http%3A%2F%2Fwww.asdf.com
http://www.brasilecodiesel.com.br/links/index.php?redir=le&acai3_cod=314228&url=http%3A%2F%2Fwww.asdf.com
http://www.cibera.de/ibero/servlet/servlets.Redir/lang=de/domain=ibero?resid=4735&url=http%3A%2F%2Fwww.asdf.com
http://dw.com.com/redir?destUrl=http%3A%2F%2Fwww.asdf.com

-maluc

Google dork? inurl:redir

Have I found your technique? ;)

- RSnake
Gotta love it. http://ha.ckers.org

lol yup .. and actually i like to throw in the inurl:gov for good measure .. i also like the inurl:%3A%2F%2F which is the :// part of http:// - as long as it's part of the query

google saves time.. for finding random ones. .gov .mil .org yield more interesting results.

-maluc

http://www.chevron.com/links.asp?name=Homepage:%20BrandList:%20Texaco&category=Homepage%20Links&url=http://www.asdf.com/
http://www.chevrontexacocards.com/cccard/en/public/adview.asp?AdTarget=http://www.asdf.com&AdPage=texaco&AdType=25gc&AdName=2177 <--forces link to be https://

-maluc



Edited 1 time(s). Last edit at 09/27/2006 03:21AM by maluc.

http://search.aol.com/aolcom/redir?src=PTL&clickedItemURN=http%3A%2F%2Fwww.asdf.com

-maluc

http://www.lightreading.com/ad_redirect.asp?ad_version=2&ad_id=5116&ad_url=http%3A%2F%2Fwww%2Easdf%2Ecom%2F

-maluc



Edited 1 time(s). Last edit at 09/27/2006 03:52PM by maluc.

http://www.dab-bank.com/dabip/DE/de/global/jsp/goExternal.jsp?baseURL=http%3A%2F%2Fwhatever.tld/

I'm a little currious - redirects such as these are supposed to increase pagerank, but couldn't Google just look at the $_GET parameters, realize it's a redirect, and subsequently ignore any links to $_GET['url'] or whatever in the document?

This doesn't help for pagerank... sorry if I mis-spoke somewhere... that's only HTML injection (and even that is up for debate if it's not persistant).

- RSnake
Gotta love it. http://ha.ckers.org

http://www.mediamarkt.de/redir/www.google.de

...

http://us.ard.yahoo.com/*http://www.deathball.net/notpron/



Edited 1 time(s). Last edit at 09/28/2006 04:03PM by Ghozt.

@Ghozt:

" Forbidden

This link is not authorized by Yahoo! "

Some yahoo guys on this bb? :P

We have all kinds on this thread. In casual observation I've seen hits from almost every big company out there. There are lots of lurkers - which is totally okay. Frankly, I'd rather people read and learn than not read and not learn. :)

- RSnake
Gotta love it. http://ha.ckers.org