Greetings Friends! I hope you learnt a lot from last week’s Timing Attacks email, I had a lot of fun putting it together, alongside the demo and video. This week our tip is about Open Redirects - something that’s super easy to overlook, and the implications aren’t always immediately obvious.

Open Redirects

An Open Redirect vulnerability is where an attacker can trick the server into redirecting the victim somewhere specific, usually somewhere completely unrelated to the site the vulnerability is on. They are used to mask the final destination of a URL, so if the victim looks at the malicious open redirect link, all they see is a safe domain name at the beginning, not the real domain hiding at the end.

For example, consider an app that redirects a user to a login form with the intended authenticated URL in as a query string parameter.