Yesterday a total of 22 national domains of the Google search engine were published that allow an Open Redirect, that is, a URL on a Google domain can be used to navigate to any URL passed as a parameter, without any prior validation.
This is especially important in environments that only display the domain part of a URL, because the victim believes they are going to a Google site and ends up on a different website. The affected domains are:
- Google.se
- Google.ru
- Google.nu
- Google.it
- Google.co.uk
- Google.am
- Google.com.af
- Google.co.ao
- Google.ae
- Google.be
- Google.com.sl
- Google.com.sa
- Google.com.bh
- Google.com.bd
- Google.com.br
- Google.com.kh
- Google.com.qa
- Google.com.tw
- Google.com.tr
- Google.com.sg
- Google.com.bo
- Google.com.au
Table 2: List of domains affected by Open Redirect
To exploit the Open Redirect on any of them, it is enough to use one of these domains with a URL formed as follows:
An example of this can be seen in the following 17-second video.
As the list shows, it includes important domains such as Google Italy or Google.co.uk for the United Kingdom.
Figure 2: PoC of Open Redirect exploitation on Google.se
Be careful with the Google domains you visit while this is still working, or you may end up on a server armed with an exploit kit and get thoroughly infected.
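The defect described above is a redirect endpoint that forwards to whatever URL it receives as a parameter. The following Python example is added here and is not code from the original post or from Google; it shows the vulnerable pattern beside a hardened version that only redirects to same-origin paths or to an allow-listed host, and a small log scan that flags requests whose redirect parameter points off-site. The allow-listed hosts, the `/url` endpoint, the `q` parameter name and the access-log lines are all constructed assumptions for this example.

```python
from urllib.parse import urlsplit, parse_qs

# Assumed allow-list of hosts a redirect may land on (constructed for this example).
ALLOWED_HOSTS = {"www.example-search.test", "accounts.example-search.test"}


def vulnerable_redirect_target(param: str) -> str:
    """Open-redirect pattern: the parameter is used verbatim as the Location target."""
    return param


def is_safe_redirect(param: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """Return True only if `param` stays on this origin or on an allow-listed host.

    Defensive rules (written for this example, not taken from the post):
      * empty values and non-http(s) schemes (javascript:, data:, ...) are rejected;
      * scheme-less values must be a path starting with exactly one '/', so
        '//host', '/\\host' and '\\\\host' are rejected: browsers treat them as host-relative;
      * absolute URLs pass only if the parsed hostname is allow-listed, which defeats
        userinfo tricks such as https://www.example-search.test@attacker.test/
        because urlsplit().hostname yields 'attacker.test'.
    """
    if not param:
        return False
    # Browsers and many servers treat '\' like '/' inside URLs, so normalise first.
    candidate = param.replace("\\", "/")
    parts = urlsplit(candidate)
    if parts.scheme == "" and parts.netloc == "":
        return candidate.startswith("/") and not candidate.startswith("//")
    if parts.scheme not in ("http", "https"):
        return False
    return parts.hostname is not None and parts.hostname in allowed_hosts


def safe_redirect_target(param: str, default: str = "/") -> str:
    """Hardened replacement for vulnerable_redirect_target: fall back to `default` when unsafe."""
    return param.replace("\\", "/") if is_safe_redirect(param) else default


# Constructed access-log lines (Common Log Format style) for the detection helper below.
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jan/2024:10:00:00 +0000] "GET /url?q=https://www.example-search.test/ HTTP/1.1" 302 0',
    '10.0.0.6 - - [01/Jan/2024:10:00:01 +0000] "GET /url?q=https%3A%2F%2Fattacker.test%2Fkit HTTP/1.1" 302 0',
    '10.0.0.7 - - [01/Jan/2024:10:00:02 +0000] "GET /url?q=//attacker.test HTTP/1.1" 302 0',
    '10.0.0.8 - - [01/Jan/2024:10:00:03 +0000] "GET /search?q=cats HTTP/1.1" 200 512',
]


def flag_offsite_redirect_requests(log_lines, endpoint: str = "/url", param: str = "q"):
    """Return (request_path, redirect_value) pairs where the redirect endpoint was asked
    to send a visitor somewhere is_safe_redirect() would not allow."""
    flagged = []
    for line in log_lines:
        try:
            request = line.split('"')[1]        # e.g. 'GET /url?q=... HTTP/1.1'
            path = request.split(" ")[1]
        except IndexError:
            continue                            # malformed line, skip it
        parts = urlsplit(path)
        if parts.path != endpoint:
            continue                            # only inspect the redirect endpoint
        for value in parse_qs(parts.query).get(param, []):
            if not is_safe_redirect(value):
                flagged.append((path, value))
    return flagged


if __name__ == "__main__":
    for probe in ["/search?q=x", "//attacker.test", "javascript:alert(1)",
                  "https://www.example-search.test@attacker.test/"]:
        print(f"{probe!r:55} -> {safe_redirect_target(probe)!r}")
    for path, value in flag_offsite_redirect_requests(SAMPLE_LOG):
        print("off-site redirect request:", path, "->", value)
```

The allow-list check is deliberately done on `hostname`, not by string-prefix matching on the raw parameter, since prefix checks are exactly what `user@host` and `//host` encodings slip past. The log scan reuses the same predicate, so detection and enforcement cannot drift apart.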
I stumbled upon your site today while searching for data on Ethical Hacking. You have awesome posts. Great Work!
I couldn't help noticing that you linked to https://www.owasp.org/index.php/Unvalidated_Redirects_and_Forwards_Cheat_Sheet at your page http://tecnicaquilmes.fullblog.com.ar/bugs-de-open-redirect-en-22-dominios-de-google.html.
I would like to suggest an article I recently created which is a more in-depth and well-researched article: https://www.guru99.com/web-security-vulnerabilities.html
I would be honoured if you link to it.
I'd be happy to share your page with our 25k Facebook/Twitter/Linkedin Followers.
I am Alex, editor at Guru99. There is a 69% chance you will not open this email, considering it's an automated cold mail.
But I must highlight that I enjoyed your content at http://tecnicaquilmes.fullblog.com.ar/bugs-de-open-redirect-en-22-dominios-de-google.html
I could not help noticing you link to https://www.owasp.org/index.php/Unvalidated_Redirects_and_Forwards_Cheat_Sheet . I have created a more in-depth article at https://www.guru99.com/web-security-vulnerabilities.html
Can you link to us? I'd be happy to share your page with our 25k Facebook/Twitter/Linkedin Followers as a thank you. Best, [Alex]