LENOVO OPEN REDIRECTION
Hello Hackers!!
Welcome back to another of my blogs. This time I'll introduce you to Open Redirection through the POST method.
We all know Lenovo, so let's get straight to the scenario.
Lenovo has an "Add address" function where I, as a normal user, add my address; the POST request carries a CSRF token to prevent attacks.
I came up with two approaches:
1. Attack through the CSRF token.
Unfortunately, this didn't work: I tried GET-based and POST-based CSRF and some bypass techniques published by Harsh Bothra.
2. A header-based attack.
I tried adding the X-Forwarded-Host, X-Forwarded-For and Referer headers, but none of them had any effect on the original request.
Then I removed the CSRF token from the POST request, added a Referer header, and the POST-based redirection worked.
Referer: https://bing.com    (add this line to the request)
Point to note:
When the CSRF token is removed, the web application falls back to the Referer header to work out where the request came from and redirects there; with the token present, the Referer header is ignored.
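The fallback described above, as an added example that is not Lenovo's code or part of the original write-up: a post-redirect handler that trusts the Referer when the CSRF token is missing, next to a hardened version that rejects the tokenless request and only honours a Referer whose host is on an allowlist (the host names, form field name and default path are constructed placeholders).

```python
from urllib.parse import urlsplit

# Constructed placeholder allowlist; not Lenovo's real hosts.
ALLOWED_HOSTS = {"example.com", "www.example.com"}
DEFAULT_TARGET = "/account/addresses"  # hypothetical post-submit page


def vulnerable_redirect_target(form, headers):
    """Mirrors the behaviour in the write-up: with a CSRF token the server
    redirects to a fixed page, but without one it falls back to the Referer
    header, so any attacker-supplied Referer becomes the redirect target."""
    if form.get("csrf_token"):
        return DEFAULT_TARGET
    return headers.get("Referer", DEFAULT_TARGET)


def is_safe_redirect(url, allowed_hosts=ALLOWED_HOSTS):
    """Accept only same-site targets: a relative path that is not
    scheme-relative (//host), or an https URL whose host is allowlisted.
    Backslashes, CR/LF and userinfo (user@host) are rejected because they
    are classic ways to make a URL parse differently in the browser."""
    if not url or any(c in url for c in "\\\r\n"):
        return False
    try:
        parts = urlsplit(url)
    except ValueError:  # e.g. malformed IPv6 literal
        return False
    if not parts.scheme and not parts.netloc:
        return url.startswith("/") and not url.startswith("//")
    if parts.scheme != "https" or parts.username or parts.password:
        return False
    return (parts.hostname or "").lower() in allowed_hosts


def hardened_redirect_target(form, headers, default=DEFAULT_TARGET):
    """Hardened flow: a missing CSRF token rejects the request instead of
    changing how the redirect target is chosen, and the Referer is used
    only when it passes the allowlist check."""
    if not form.get("csrf_token"):
        raise PermissionError("missing CSRF token")
    referer = headers.get("Referer", "")
    return referer if is_safe_redirect(referer) else default
```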
Another point, guys: install Burp Collaborator in your Burp Suite.
I attached a video for better understanding.
YouTube: https://youtu.be/nb_FkBAgrcQ
SEVERITY: LOW
ACKNOWLEDGED BY LENOVO

I hope the scenario is clear.
Thank you, hackers, for taking the time to read my write-up.
Follow me on: