Ahmia Search Engine Unvalidated Redirect and Forwards Vulnerability - CXSecurity.com

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1209766 漏洞类型
发布时间 2018-06-11 更新时间 2018-06-11
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2018060114
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
[+] Exploit Title ; Ahmia Search Engine Unvalidated Redirect and Forwards Vulnerability

[+] Date : 2018-06-11

[+] Author : 0P3N3R From Iran Security Group

[+] Vendor Homepage : https://ahmia.fi/

[+] Dork : N/A

[+] Version : N/A

[+] Tested On : windows 10 - kali linux 2.0

[+] Contact : https://telegram.me/WebServer

[+] Description :

	[!] Ahmia searches hidden services on the Tor network.

	[!] What is Unvalidated Redirect and Forwards ?
	
	Unvalidated redirects and forwards are possible when a web application accepts untrusted input that could cause the web application to redirect the request to a URL contained within untrusted input. By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. Because the server name in the modified link is identical to the original site, phishing attempts may have a more trustworthy appearance. Unvalidated redirect and forward attacks can also be used to maliciously craft a URL that would pass the application’s access control check and then forward the attacker to privileged functions that they would normally not be able to access.

	

[+] Poc :

	[!] Video : https://youtu.be/WcpUXIj-8bc


[+] hacker can edit the url and replace its malicious link

[+] The user trusts the Ahmia and goes to the hacker link 

	[!] Vulnerable Link :

		[*] http://msydqstlz2kzerdg.onion/search/search/redirect?search_term=test%27&redirect_url=Your Link Here

	[!] For Ex (We Edit This Link): 

		[*] http://msydqstlz2kzerdg.onion/search/search/redirect?search_term=test%27&redirect_url=http://0p3n3r.ir

[+] Now You redirect to the My Website

[+] Exploitation Technique:

	[!] remote


[+] Severity Level:

	[!] Low

[+] Request Method :

	[!] GET

[+] Vulnerable files :

	[!] index

[+] Patch :

	[!] Restrict user input or replace bad characters

[+] We Are :

	[+] 0P3N3R [+] Ebrahim_Vaker [+]