STRLCPY/AllAboutBugBounty

Adding open redirect and update readme
MD15 committed 3 years ago

5428e251

1 parent ecb57dcb

■ ■ ■ ■ ■ ■

Local File Inclusion.md

1 + # Soon!

All occurrences
■ ■ ■ ■ ■ ■

NoSQL Injection.md

1 + # Soon!

All occurrences

■ ■ ■ ■ ■ ■

Open Redirect.md

1	+	## Filter Bypass
2	+
3	+	1. Using a whitelisted domain or keyword
4	+	```
5	+	target.com.evil.com
6	+	```
7	+
8	+	2. Using "//" to bypass "http" blacklisted keyword
9	+	```
10	+	//evil.com
11	+	```
12	+
13	+	3. Using "https:" to bypass "//" blacklisted keyword
14	+	```
15	+	https:evil.com
16	+	```
17	+
18	+	4. Using "\/\/" to bypass "//" blacklisted keyword (Browsers see \/\/ as //)
19	+	```
20	+	\/\/evil.com/
21	+	/\/evil.com/
22	+	```
23	+
24	+	5. Using "%E3%80%82" to bypass "." blacklisted character
25	+	```
26	+	/?redir=evil。com
27	+	/?redir=evil%E3%80%82com
28	+	```
29	+
30	+	6. Using null byte "%00" to bypass blacklist filter
31	+	```
32	+	//evil%00.com
33	+	```
34	+
35	+	7. Using parameter pollution
36	+	```
37	+	?next=target.com&next=evil.com
38	+	```
39	+
40	+	8. Using "@" character, browser will redirect to anything after the "@"
41	+	```
42	+	[email protected]
43	+	target.com%40evil.com
44	+	```
45	+
46	+	9. Creating folder as their domain
47	+	```
48	+	http://www.yoursite.com/http://www.theirsite.com/
49	+	http://www.yoursite.com/folder/www.folder.com
50	+	```
51	+
52	+	10. Using "?" characted, browser will translate it to "/?"
53	+	```
54	+	http://www.yoursite.com?http://www.theirsite.com/
55	+	http://www.yoursite.com?folder/www.folder.com
56	+	```
57	+
58	+	11. Host/Split Unicode Normalization
59	+	```
60	+	https://evil.c℀.example.com
61	+	```
62	+
63	+	12. Using parsing
64	+	```
65	+	http://ⓔⓥⓘⓛ.ⓒⓞⓜ
66	+	```

■ ■ ■ ■ ■ ■

README.md

		skipped 2 lines
3	3
4	4		## List
5	5		- [Business Logic Errors](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Business%20Logic%20Errors.md)
	6	+	- SQL Injection (SOON)
	7	+	- NoSQL Injection (SOON)
	8	+	- Local File Inclusion (SOON)
6	9		- [Cross Site Request Forgery (CSRF)](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Cross%20Site%20Request%20Forgery.md)
7	10		- [Cross Site Scripting (XSS)](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Cross%20Site%20Scripting.md)
	11	+	- [Open Redirect](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Open%20Redirect.md)
	12	+	- [Insecure Direct Object References (IDOR)](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Insecure%20Direct%20Object%20References.md)
8	13		- [Denial of Service (DoS)](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Denial%20Of%20Service.md)
9	14		- [Exposed Source Code](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Denial%20Of%20Service.md)
10	15		- [Host Header Injection](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Host%20Header%20Injection.md)
11		-	- [Insecure Direct Object References (IDOR)](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Insecure%20Direct%20Object%20References.md)
12	16		- [Web Cache Poisoning](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Web%20Cache%20Poisoning.md)
13	17
14	18		## List Bypass
15	19		- [Bypass 2FA](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Bypass/Bypass%202FA.md)
16	20		- [Bypass 403](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Bypass/Bypass%20403.md)
	21	+	- [Bypass 304](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Bypass/Bypass%20304.md)
17	22		- [Bypass Captcha](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Bypass/Bypass%20Captcha.md)
18	23		- [Bypass File Upload](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Bypass/Bypass%20File%20Upload.md)
19	24		- [Bypass Rate Limit](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Bypass/Bypass%20Rate%20Limit.md)
		skipped 25 lines

■ ■ ■ ■ ■ ■

SQL Injection.md

1 + # Soon!

All occurrences

Adding open redirect and update readme