From 0625e2aebfca40cd317dab7b69236a9165cd20db Mon Sep 17 00:00:00 2001 From: Ricardo Date: Fri, 30 Aug 2019 08:57:22 +0100 Subject: [PATCH] Add Host/Split Unicode Normalization Add Host/Split Exploitable Antipatterns in Unicode Normalization BH 2019 for filter bypass --- Open Redirect/README.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/Open Redirect/README.md b/Open Redirect/README.md index 0584673e..57365b08 100644 --- a/Open Redirect/README.md +++ b/Open Redirect/README.md @@ -114,6 +114,12 @@ http://www.yoursite.com/http://www.theirsite.com/ http://www.yoursite.com/folder/www.folder.com ``` +Host/Split Unicode Normalization +```powershell +https://evil.c℀.example.com . ---> https://evil.ca/c.example.com +http://a.com/X.b.com +``` + XSS from Open URL - If it's in a JS variable ```powershell @@ -169,4 +175,6 @@ http://www.example.com/redirect.php?url=javascript:prompt(1) * [OWASP - Unvalidated Redirects and Forwards Cheat Sheet](https://www.owasp.org/index.php/Unvalidated_Redirects_and_Forwards_Cheat_Sheet) * [Cujanovic - Open-Redirect-Payloads](https://github.com/cujanovic/Open-Redirect-Payloads) * [Pentester Land - Open Redirect Cheat Sheet](https://pentester.land/cheatsheets/2018/11/02/open-redirect-cheatsheet.html) -* [Open Redirect Vulnerability - AUGUST 15, 2018 - s0cket7](https://s0cket7.com/open-redirect-vulnerability/) \ No newline at end of file +* [Open Redirect Vulnerability - AUGUST 15, 2018 - s0cket7](https://s0cket7.com/open-redirect-vulnerability/) +* [Host/Split +Exploitable Antipatterns in Unicode Normalization - BlackHat US 2019](https://i.blackhat.com/USA-19/Thursday/us-19-Birch-HostSplit-Exploitable-Antipatterns-In-Unicode-Normalization.pdf)