URL Redirection in ORKUT
About Orkut:-orkut.com is an online community website designed for friends. The main goal of our service is to make your social life... orkut's social network can help you both maintain existing relationships and establish new ones by reaching out to people you've never met before. Who you interact with is entirely up to you
Original Url:-
https://www.orkut.com/
GLogin.aspx?done=http%3A%2F%2Fwww.orkut.com%2F
Malformed URL:-
https://www.orkut.com/GLogin.aspx?done=http://any_url.com
After successful validation Url redirection occurs. To make the matter worse , as the validation has already occured.the victims browser has been authenticated and will remain authenticated unless he logs out of orkut. Although remotely , it can only be exploited by doing a phishing attack at any_url.com with a fake login screen etc.
Credits:-$um$id
0 Comments:
Post a Comment
<< Home