-
Simply try to change the domain
Example: ?redirect=https://example.com --> ?redirect=https://evil.com
-
Bypass the filter when protocol is blacklisted using
//Example: ?redirect=https://example.com --> ?redirect=//evil.com
-
Bypass the filter when double slash is blacklisted using
\\Example: ?redirect=https://example.com --> ?redirect=\evil.com
-
Bypass the filter when double slash is blacklisted using
http:orhttps:Example: ?redirect=https://example.com --> ?redirect=https:example.com
-
Bypass the filter using
%40Example: ?redirect=example.com --> ?redirect=example.com%40evil.com
-
Bypass the filter if it only checks for domain name
Example: ?redirect=example.com --> ?redirect=example.comevil.com
-
Bypass the filter if it only checks for domain name using a dot
%2eExample: ?redirect=example.com --> ?redirect=example.com%2eevil.com
-
Bypass the filter if it only checks for domain name using a query/question mark
?Example: ?redirect=example.com --> ?redirect=evil.com?example.com
-
Bypass the filter if it only checks for domain name using a hash
%23Example: ?redirect=example.com --> ?redirect=evil.com%23example.com
-
Bypass the filter using a
°symbolExample: ?redirect=example.com --> ?redirect=example.com/°evil.com
-
Bypass the filter using a url encoded Chinese dot
%E3%80%82Example: ?redirect=example.com --> ?redirect=evil.com%E3%80%82%23example.com
-
Bypass the filter if it only allows you to control the path using a nullbyte
%0dor%0aExample: ?redirect=/ --> ?redirect=/%0d/evil.com
-
-
Save reanimat0r/03d3dfa2cc73d146575062813c093b5a to your computer and use it in GitHub Desktop.
Open redirect bypasses
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment