tom/darkly
1
0
Fork 0
mirror of https://github.com/tmoron/darkly.git synced 2025-09-28 13:08:35 +02:00
Code Issues Packages Projects Releases Wiki Activity

add readme for headers_manipulation, open_redirect and senstive_file_exposure

Browse Source
This commit is contained in:
tomoron
2025-04-09 15:14:57 +02:00
parent c6391d050d
commit 792878d5ae
3 changed files with 60 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
open_redirect/README.md Normal file
View File

@ -0,0 +1,14 @@
# Open redirect
## How We Found It
On the footer, there is buttons to go to the twitter, instagram and facebook page of 42. to redirect the links in the href are `?page=redirect&site=<service>`. so we tried changing the site to something else and got a flag
## Utility of It
- Allows attackers to redirect users to arbitrary URLs.
- Can be used for phishing, token theft, or triggering unexpected behavior (like flag reveals in CTFs).
- Often underestimated but can be chained with other bugs.
## How Can We Patch It
- Only allow redirects to a whitelisted set of domains.
- Dont take the redirect target directly from user input.
- Consider showing a confirmation page before redirecting.