[Full-disclosure] NewOrder.box.sk Inherits Severe RedirectionVulnerability

Aditya K Sood zeroknock at metaeye.org
Thu Mar 29 17:40:16 BST 2007 

Nikolay Kichukov wrote:
> Hello there,
> I've read the article, but I still do not see where the severe redirection
> vulnerability is. Is this not a feature of the neworder.box.sk web site to
> allow anyone to be redirected to anypage they submit to redirect.php?
>
> Thanks,
> -Nikolay Kichukov
>
>
> ----- Original Message ----- 
> From: "Aditya K Sood" <zeroknock at metaeye.org>
> To: <full-disclosure at lists.grok.org.uk>
> Sent: Wednesday, March 28, 2007 8:49 PM
> Subject: [Full-disclosure] NewOrder.box.sk Inherits Severe
> RedirectionVulnerability
>
>
>   
>> Hi
>>
>> Previous Rootkit.com Vulnerability have been patched.
>> The neworder.box.sk is famous security website.It inherits very specific
>> redirection attacks. The domain forwarding or URL forwarding not only
>> directly possible through the website but can be called from third party
>> directly.
>>
>> A very generic analysis have been undertaken based on search engine
>> specification.Look into the issues at:
>>
>> http://zeroknock.blogspot.com/2007/03/neworderboxsk-inherits-severe.html
>> http://zeroknock.metaeye.org/analysis/neworder_red.xhtml
>>
>> Regards
>> Zeroknock
>> http://zeroknock.metaeye.org/mlabs
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>>     
>
>
>   
Hi nikolay

                       Thats where the thinking is bit off side. 
Remember there
is lot of difference between redirection occurs from the main website
through generating event and the redirection  that occurs from the third
party.It will be okay to the feature context if the redirection supports
only from the website.

More precisely a search engine check is performed at the top to show
that the page is not subjected as standard page for redirection. If its
a feature than it must not be redirected from the third party.

Thats All.

Regards
Adi

Full-Disclosure is hosted and sponsored by Secunia.