Attacking unvalidated redirection and Forward

Gupta Bless
4 min readSep 18, 2021

Introduction

Applications often let users visit other domains, either by clicking a link or automatically; this is known as URL redirection and forwarding. However, if this functionality is not implemented correctly, an attacker can exploit it to redirect a legitimate user to a malicious domain under the attacker's control.

Let's understand what redirects and forwards are and how they can be exploited.

What are Unvalidated Redirects and Forwards?

Unvalidated Redirect:

It occurs when an application uses user-controllable data to perform a redirection in an unsafe way. Because the redirect target comes from user-controllable data, a malicious user can point it at a website they control, which may be a phishing page or may ask the user to install malware on their system. Since the redirection originates from the legitimate website, there is a real chance the user will be caught out.

It is commonly known as a URL redirection vulnerability or Open Redirect, and it can be chained with other OWASP Top 10 vulnerabilities to increase its impact.

Example:

https://test.com/redirect?move=http://phishingdomain.com

Why it is considered a serious vulnerability:

Since the redirect originates from a legitimate domain, the user may assume the legitimate website intended to send them to this page. The attacker can host a phishing page there that asks for the user's credentials and may then prompt them to install malware or ransomware on their system.
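To make the "unsafe use of user-controllable data" concrete, here is an added Python example (not code from the original post) showing the vulnerable redirect handler next to a hardened one that only allows same-origin targets. The origin test.com, the parameter name move and the function names are assumptions chosen to match the post's example URL.

```python
from urllib.parse import urlsplit, urlunsplit

# Assumed application origin for this example (the post's test.com host).
APP_ORIGIN = "https://test.com"
APP_HOST = "test.com"
SAFE_FALLBACK = "/"


def unsafe_redirect_target(move: str) -> str:
    """Vulnerable pattern: the 'move' parameter becomes the Location header as-is."""
    return move


def safe_redirect_target(move: str) -> str:
    """Return a same-origin Location value derived from 'move', or SAFE_FALLBACK."""
    if not move:
        return SAFE_FALLBACK
    # Browsers treat '\' like '/', so '/\host' behaves as '//host'; reject it up front.
    if "\\" in move:
        return SAFE_FALLBACK
    candidate = move.strip()  # drop surrounding whitespace that some parsers ignore
    try:
        parts = urlsplit(candidate)
    except ValueError:  # e.g. a malformed IPv6 literal in the host part
        return SAFE_FALLBACK
    if parts.scheme or parts.netloc:
        # Absolute ('http://...', 'javascript:...') or protocol-relative ('//...') URL:
        # only our own https host is acceptable. netloc keeps userinfo, so
        # 'https://test.com@other.example' compares as 'test.com@other.example' and fails.
        # A host with an explicit port is rejected too (conservative by design).
        if parts.scheme != "https" or parts.netloc.lower() != APP_HOST:
            return SAFE_FALLBACK
        local = urlunsplit(("", "", parts.path or "/", parts.query, parts.fragment))
    else:
        local = candidate
    # Require exactly one leading slash: '//host' or '///host' would leave the site.
    if not local.startswith("/") or local.startswith("//"):
        return SAFE_FALLBACK
    return APP_ORIGIN + local


if __name__ == "__main__":
    for value in ("/account", "http://phishingdomain.com", "//phishingdomain.com"):
        print(f"{value!r:30} -> {safe_redirect_target(value)}")
```

Rejected values fall back to the site root rather than echoing the input, so a log entry for each fallback is a cheap way to spot probing of the redirect parameter.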

How do they occur?

If you experience, whenever we intercept the traffic by any intercepting proxy tool and check the response of each request, we come to…
