Strange Redirect (Fixed but no bounty)

The target has a bug bounty program, but they fixed the issue without any response. 🤷🏻‍♂️

When I clicked on login, the URL had a redirect parameter:

target.com/login/?redirect=

So I tried different payloads, but most of them got a 403 Forbidden or simply would not redirect me to where I wanted.

Nothing worked until this payload: evil%252ecom (a double-URL-encoded dot). It got past the filter, but it redirected me to target.comevil.com.

And I was like...

So if the URL was target.com/login?redirect=anything, it would redirect to target.comanything: the parameter value was being appended straight onto the hostname. So I put pany in the redirect parameter, and it redirected me to target.company.

After that I checked whether the domain target.company was available to register, and it was.
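To make the two pieces of the bug concrete, here is an added example (my own illustration, not code from the target or from the original post) that models what the behaviour above implies: a filter that inspects the parameter after a single URL-decode, an application that decodes it again and glues it straight onto its own hostname, and a hardened version that only ever redirects to a same-site path. The host name target.com, the once-decoded filter and the single-decode/double-decode split are assumptions made to reproduce the symptoms described; the block also goes slightly beyond the post by showing the @userinfo trick that the same concatenation bug would allow.

```python
from urllib.parse import unquote, urlparse

# Hypothetical trusted host, taken from the writeup's placeholder name.
TRUSTED_HOST = "target.com"


def passes_naive_filter(raw: str) -> bool:
    """Assumed filter: rejects any redirect value that contains a dot after ONE decode.

    This is an assumption that reproduces the symptoms in the writeup: 'evil.com'
    gets blocked (403), while 'evil%252ecom' decodes once to 'evil%2ecom', which
    contains no literal dot and therefore passes.
    """
    return "." not in unquote(raw)


def decode_redirect_param(raw: str) -> str:
    """Assumed app behaviour: the value is decoded a second time before use.

    Double decoding is what turns 'evil%252ecom' into 'evil.com'.
    """
    return unquote(unquote(raw))


def build_location_vulnerable(raw_redirect: str) -> str:
    """Vulnerable pattern: host + user value with no separator.

    Because the value is appended directly to the hostname, 'pany' yields
    'target.company' and '@evil.com' yields 'target.com@evil.com', whose real
    host (after the userinfo '@') is evil.com.
    """
    return "https://" + TRUSTED_HOST + decode_redirect_param(raw_redirect)


def build_location_safe(raw_redirect: str) -> str:
    """Hardened version: only allow a same-site absolute path.

    Rules: the value must start with exactly one '/', and must not start with
    '//' or '/\\' (browsers treat those as scheme-relative URLs). Anything else
    falls back to the site root. Finally the assembled URL is parsed and its host
    is compared exactly against TRUSTED_HOST as a second line of defence.
    """
    value = decode_redirect_param(raw_redirect)
    if not value.startswith("/") or value.startswith("//") or value.startswith("/\\"):
        value = "/"
    location = "https://" + TRUSTED_HOST + value
    parsed = urlparse(location)
    if parsed.scheme != "https" or parsed.hostname != TRUSTED_HOST:
        return "https://" + TRUSTED_HOST + "/"
    return location


def redirect_host(location: str) -> str:
    """Return the host a browser would actually connect to for a Location header."""
    return urlparse(location).hostname or ""


if __name__ == "__main__":
    # Constructed sample payloads: the two from the writeup plus the userinfo variant.
    for payload in ("evil.com", "evil%252ecom", "pany", "@evil.com", "/account", "//evil.com"):
        blocked = not passes_naive_filter(payload)
        vuln = build_location_vulnerable(payload)
        safe = build_location_safe(payload)
        print(f"{payload:14} filter={'403' if blocked else 'pass':4} "
              f"vulnerable-> {redirect_host(vuln):22} safe-> {redirect_host(safe)}")
```

The hardened builder refuses to let the parameter influence the host at all; it only accepts a path, so the double-encoding trick stops mattering because there is no host comparison left to evade.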

I reported this vulnerability to them and got no response for about a week. So I contacted them again; it has now been at least 4 months with still no response, but they fixed it.

Hope you learned something. If you liked it, please share.

Thank You.😁

Bug-Bounty | Pentester
