Web News, Technology, Science, etc
网络技术是从1990年代中期发展起来的新技术,它把互联网上分散的资源融为有机整体,实现资源的全面共享和有机协作,使人们能够透明地使用资源的整体能力并按需获取信息。
亚马逊 隐蔽重定向 (Covert Redirect) 基于 Kindle Daily Post, Omnivoracious, Car Lust & kindlepost.com omnivoracious.com carlustblog.com 公开重定向 (Open Redirect) 计算机网络安全漏洞
Amazon Covert Redirect Based on Kindle Daily Post, Omnivoracious, Car Lust & kindlepost.com omnivoracious.com carlustblog.com Open Redirect
Domains:
http://www.amazon.com/
All kindlepost.com omnivoracious.com carlustblog.com are websites belonging to Amazon.
Vulnerabilities Description:
Amazon has a security problem. Both Amazon itself and its websites are vulnerable to different kind of attacks.
When a user is redirected from amazon to another site, amazon will check a variable named "token". Every redirected website will be given one token. This idea is OK. However, all URLs related to the redirected website use the same token. This means if the authenticated site itself has Open Redirect vulnerabilities. Then victims can be redirected to any site from Amazon.
The vulnerabilities can be attacked without user login. Tests were performed on Safari 6.1.6 in Mac OS X 10.7.5, IE 8 in Windows 7, Chromium (version 37.0.2062.120) in Ubuntu 12.04 (281580) (64-bit).
Use a website for the following tests. The website is "http://www.diebiyi.com/articles". Suppose this website is malicious,
Discover:
Wang Jing, School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore.
http://www.tetraph.com/wangjing/
POC Video:
https://www.youtube.com/watch?v=UE_-AdA-zpQ&feature=youtu.be
Blog Details:
http://securityrelated.blogspot.com/2015/01/amazon-covert-redirect-based-on-kindle.html
评论