FirstBlood #22: Open Redirect on Secure Logout

On 2021-05-09, jonlaing reported:

The URL http://firstbloodhackers.com:49195/drpanel/logout.php?ref=/ is shown on logging out.

This is vulnerable to an OpenRedirect vulnerability.

The original URL can be amended to http://firstbloodhackers.com:49195/drpanel/logout.php?ref=/\///google.com and, after following the redirects, it will take you to Google.

P4 Low

Endpoint: /drpanel/logout.php?ref=/\///google.com

Parameter: ref=

Payload: /\///google.com


FirstBlood ID: 1
Vulnerability Type: Open Redirect

There is an open URL redirect vulnerability on /logout.php. The code expects the ref value to start with / and does not allow redirects to external domains, but this check can be bypassed.
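The bypass works because a leading-slash check says nothing about what follows it: browsers treat a backslash as a forward slash, so /\///google.com becomes a protocol-relative URL pointing at google.com. The following Python (an added illustration, not code from the FirstBlood application, which is PHP) places that naive check beside a stricter validator that only accepts same-origin, path-only targets and falls back to a default location otherwise; the default path /drpanel/ is an assumption.

```python
from urllib.parse import urlsplit


def naive_is_local(ref: str) -> bool:
    """The kind of check the report describes: only require a leading '/'."""
    return ref.startswith("/")


def is_safe_local_redirect(ref: str) -> bool:
    """Return True only for a same-origin, path-only redirect target."""
    if not ref or not ref.startswith("/"):
        return False
    # Reject whitespace and control characters; some parsers silently strip
    # them, which lets an encoded host sneak past a string comparison.
    if any(c.isspace() or ord(c) < 0x20 for c in ref):
        return False
    # Browsers treat '\' exactly like '/' in a URL, so normalise first:
    # "/\///google.com" becomes "/////google.com".
    normalised = ref.replace("\\", "/")
    # Two or more leading slashes make the URL protocol-relative ("//host/..."),
    # which is exactly the trick used in this report.
    if normalised.startswith("//"):
        return False
    # Belt and braces: the parsed target must carry no scheme and no host.
    parts = urlsplit(normalised)
    if parts.scheme or parts.netloc:
        return False
    return True


def redirect_target(ref: str, default: str = "/drpanel/") -> str:
    """Location to send the user to after logout (default path is assumed)."""
    return ref if is_safe_local_redirect(ref) else default


if __name__ == "__main__":
    # The payload from the report, as a constructed sample input.
    payload = "/\\///google.com"
    print("naive check accepts payload:", naive_is_local(payload))      # True
    print("strict check accepts payload:", is_safe_local_redirect(payload))  # False
    print("user is sent to:", redirect_target(payload))                 # /drpanel/
```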


Respect Earnt: 500000
RESPECT ($RSP) is an experimental cryptocurrency based on the Ethereum blockchain with the mission to show respect to those who deserve it. We are testing it out on our FirstBlood hackevent.