Shan Journey

Open Redirect On Codepolitan.com Description :  Open redirects and forwards are possible when a web application accepts untrusted input that could cause the web application to redirect the request to a URL contained within untrusted input. By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. Because the server name in the modified link is identical to the original site, phishing attempts may have a more trustworthy appearance. Unvalidated redirect and forward attacks can also be used to maliciously craft a URL that would pass the application’s access control check and then forward the attacker to privileged functions that they would normally not be able to access. Impact : Force user go to untrusted website from codepolitan website Location of bug :  https://www.codepolitan.com/users/login?callback= Payload : http://attacker.com Reproduce : 1. Open https://www.cod...

Summary Actually this open redirect is from appengine.google.com , but i combine it with google.com Step To Reproduce https://www.google.com/accounts/Logout?continue=https://appengine.google.com/_ah/logout?continue=https://www.evil.com Explain Open redirect found on appengine.google.com , and i combine it with google.com , because this is subdomain google also, so the google trust the subdomain and redirect it. But, sadly this is not getting bounty, i dont know why, but I after read on someone blog, he is also report this bug, and google dont qualify this to bug. you can more read the explain from his blog on : http://vagmour.eu/google-open-url-redirection/ he is better than me, Zuahahaha... Thanks, Apapedulimu