URL Redirection attack

A URL redirection sends the browser from one URL to another. For example, if the link

http://www.example.com/login.php?redirect=http://www.example.com/home.php

brings you, after you log in, to

http://www.example.com/home.php

that is a URL redirection: the redirect parameter tells login.php where to send the browser next.

A URL redirection attack (also called an open redirect) abuses a redirect whose target is taken from user-supplied input without validation. A link that begins with the original site's address can then send the visitor anywhere, including to a different site entirely, and it is usually combined with a phishing attack. For example, the link

http://www.example.com/login.php?redirect=http://www.examp1e.com/home.php

will, on clicking, bring you to

http://www.examp1e.com/home.php

That page can be a malicious copy of the original that tries to trick the user into entering their credentials. Notice the "l" in example.com and the "1" in examp1e.com: the difference is easy to miss, especially since the link itself starts with the trusted domain. This is a URL redirection attack.

URL redirection is sometimes used as part of phishing attacks that confuse visitors about which web site they are visiting. Session stealing based on URL redirection or forwarding is a weakness that in most cases requires victim interaction (social engineering). Conducting such an attack is relatively simple. The web application remembers the URL that the client browser originally requested, and after a successful login it redirects the user to that remembered URL. If the application does not check the validity of the remembered URL, the user can be redirected to a site that collects the user's session or asks once more for the username and password (a phishing site). Phishing is used in most successful targeted hacks and regularly in opportunistic attacks. Given how prominent phishing is, open redirect vulnerabilities should not be dismissed.

Impact

Website forgery: if an attacker can redirect a user from a trusted site to another site, the victim may not notice the redirection and may extend the trust they have in the original site to the malicious one.

Countermeasures

Never allow silent redirects to a user-specified URL, even if the hostname is fixed. Store the post-login destination server-side (for example in the session) instead of in a parameter, or accept only a local path (one that starts with a single "/") or an exact match against a short allowlist of hosts. Checking that the target merely starts with or contains the expected hostname is not enough: http://www.example.com@examp1e.com/ and http://www.example.com.examp1e.com/ both pass such a check while pointing elsewhere, and a scheme-relative target such as //examp1e.com/ contains no hostname of yours at all. If an off-site redirect is genuinely needed, show an interstitial page that tells the user where they are about to go.
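The vulnerable pattern described above (trusting the redirect parameter verbatim) beside a hardened check that enforces the countermeasure, as an added example; this is not code from the original page. The function names, the ALLOWED_HOSTS set and the FALLBACK path are assumptions made for illustration, and the inputs checked below are constructed.

```python
"""Open-redirect check: the vulnerable pattern beside a hardened one.

Added example (not code from the original page). Function names, the
ALLOWED_HOSTS set and the FALLBACK path are assumptions for illustration.
"""
from urllib.parse import urlsplit, urlunsplit

# Assumption: the only host this application may send users to after login.
ALLOWED_HOSTS = frozenset({"www.example.com"})
# Assumption: where to send the user when the requested target is rejected.
FALLBACK = "/home.php"


def vulnerable_redirect_target(redirect_param):
    """What the vulnerable login.php effectively does: trust ?redirect= verbatim.

    Whoever controls the parameter controls where the browser goes next.
    """
    return redirect_param or FALLBACK


def safe_redirect_target(redirect_param, allowed_hosts=ALLOWED_HOSTS, fallback=FALLBACK):
    """Return a redirect target that stays on this site, or the fallback.

    Accepts only a local absolute path ("/account?tab=1") or a full http(s)
    URL whose host is exactly in allowed_hosts. Everything else, including
    the forms browsers accept but naive prefix checks miss, falls back.
    """
    if not redirect_param:
        return fallback
    target = redirect_param.strip()

    # Reject embedded whitespace and control characters: browsers strip some
    # of them (tab, newline) before parsing, so "java\tscript:" is a scheme.
    if any(ord(c) <= 0x20 or ord(c) == 0x7F for c in target):
        return fallback

    # Browsers treat "\" like "/" in the authority, so "/\evil.com" is really
    # "//evil.com". Normalise before inspecting the string.
    target = target.replace("\\", "/")

    # A scheme-relative URL ("//evil.com", "///evil.com") keeps the current
    # scheme but changes the host; urlsplit reports a netloc only for the
    # first form, so test the raw string here.
    if target.startswith("//"):
        return fallback

    try:
        parts = urlsplit(target)
        _ = parts.port  # raises ValueError on a malformed port such as ":abc"
    except ValueError:
        return fallback

    if not parts.scheme and not parts.netloc:
        # Local target: must be an absolute path on this site. Rebuild it from
        # its parts so only path, query and fragment survive.
        if not parts.path.startswith("/"):
            return fallback
        return urlunsplit(("", "", parts.path, parts.query, parts.fragment))

    # Absolute URL: exact host match and no userinfo. For
    # "http://www.example.com@evil.com/" urlsplit gives username
    # "www.example.com" and hostname "evil.com"; "www.example.com.evil.com"
    # is not an exact match. Both are rejected.
    if parts.scheme not in ("http", "https"):
        return fallback
    if parts.username is not None or parts.password is not None:
        return fallback
    if parts.hostname not in allowed_hosts:
        return fallback
    return target


if __name__ == "__main__":
    # Constructed inputs: the page's lookalike domain and common bypass forms.
    for candidate in (
        "http://www.examp1e.com/home.php",
        "//www.examp1e.com/home.php",
        "/\\www.examp1e.com/home.php",
        "http://www.example.com@www.examp1e.com/",
        "javascript:alert(1)",
        "/account?tab=1",
        "http://www.example.com/home.php",
    ):
        print(f"{candidate!r:45} vulnerable -> {vulnerable_redirect_target(candidate)!r:40} "
              f"safe -> {safe_redirect_target(candidate)!r}")
```

The local-path branch rebuilds the target from its components rather than echoing the input, so anything the parser did not classify as path, query or fragment cannot reach the Location header. Even with this check in place, redirects to an allowlisted off-site host are still better served through an interstitial page that names the destination.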

For any Cyber Security information contact help@theweborion.com
