21 lines
1.2 KiB
YAML
21 lines
1.2 KiB
YAML
id: open-redirect
|
|
|
|
info:
|
|
name: Open Redirect Detection
|
|
author: Elmahdi & @pxmme1337 & @Regala_ & @andirrahmani1
|
|
severity: low
|
|
|
|
requests:
|
|
- method: GET
|
|
|
|
path:
|
|
- "{{BaseURL}}/evil.com/"
|
|
- "{{BaseURL}}///;@evil.com"
|
|
- "{{BaseURL}}/////evil.com"
|
|
- "{{BaseURL}}/?next=evil.com&content=evil.com&counturl=evil.com&dest_url=evil.com&document=evil.com&domain=evil.com&download=evil.com&file=evil.com&http=evil.com&https=evil.com&image=evil.com&image_src=evil.com&imageurl=evil.com&include=evil.com&media=evil.com&Page=evil.com&pageurl=evil.com&page_url=evil.com&picture=evil.com&referrer=evil.com&req=evil.com&request=evil.com&source=evil.com&src=evil.com&uri=evil.com&url=evil.com&_url=evil.com&target=evil.com&redirect=evil.com&redirectUrl=evil.com&redirectUri&rurl=evil.com&next=evil.com&redir=evil.com&to=evil.com&image_url=evil.com&return=evil.com&returnTo=evil.com&return_to=evil.com&return_path=evil.com&retUrl=evil.com&checkout_url=evil.com&continue=evil.com&continueTo=evil.com&url=evil.com&done=evil.com&uri=evil.com&proxy=evil.com"
|
|
matchers:
|
|
- type: regex
|
|
regex:
|
|
- '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?evil\.com(?:\s*?)$'
|
|
part: header
|