Bitrix Site Management Russia 2.0 - Open Redirect

By kannthu

Medium
Vidoc Module
#redirect #bitrix #packetstorm
Description

What is the "Bitrix Site Management Russia 2.0 - Open Redirect" module?

The "Bitrix Site Management Russia 2.0 - Open Redirect" module is a test case designed to detect an open redirect vulnerability in the Bitrix Site Management Russia 2.0 software. This vulnerability allows an attacker to redirect a user to a malicious website, potentially leading to the disclosure of sensitive information. The severity of this vulnerability is classified as medium.

This module was authored by pikpikcu.

Impact

An open redirect vulnerability in the Bitrix Site Management Russia 2.0 software can have serious consequences. By exploiting this vulnerability, an attacker can trick users into visiting malicious websites, potentially leading to the theft of sensitive information or the execution of further attacks.

How does the module work?

The "Bitrix Site Management Russia 2.0 - Open Redirect" module works by sending various HTTP requests to the target website and checking for specific conditions. If the target website responds with a redirect status code (302 or 301) and the redirect location matches the regex pattern for the "interact.sh" domain, the module considers the vulnerability to be present.

Here is an example of an HTTP request used by the module:

GET /bitrix/rk.php?goto=https://interact.sh

The module uses two matching conditions to confirm the presence of the vulnerability:

- The response header must contain a redirect location that matches the regex pattern for the "interact.sh" domain.
- The response status code must be either 302 or 301.

If both conditions are met, the module reports the presence of the open redirect vulnerability.
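
The two matching conditions above, applied to stored response heads, as an added example (not the Vidoc module's own code). It compares the parsed Location host with the canary domain instead of using the module's regex, which the page shows only in truncated form; the function names and sample responses are constructed for illustration.

```python
from urllib.parse import urlsplit

CANARY_HOST = "interact.sh"       # canary domain named on the page
REDIRECT_STATUSES = {301, 302}    # status codes named on the page


def parse_response_head(raw):
    """Split a raw HTTP response head into (status_code, lowercased headers)."""
    lines = raw.replace("\r\n", "\n").split("\n")
    status = int(lines[0].split()[1])            # "HTTP/1.1 302 Found" -> 302
    headers = {}
    for line in lines[1:]:
        if not line.strip():
            break                                # blank line ends the head
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers


def redirect_host(location):
    """Host the Location value points at; '' for a same-site relative target."""
    return (urlsplit(location).hostname or "").lower()


def is_open_redirect(raw):
    """True only when both conditions hold: 301/302 and Location on the canary."""
    status, headers = parse_response_head(raw)
    if status not in REDIRECT_STATUSES:
        return False
    host = redirect_host(headers.get("location", ""))
    return host == CANARY_HOST or host.endswith("." + CANARY_HOST)


# Constructed response heads (not captured from any real site).
SAMPLES = {
    "absolute": "HTTP/1.1 302 Found\r\nLocation: https://interact.sh\r\n\r\n",
    "scheme_relative": "HTTP/1.1 301 Moved\r\nlocation: //interact.sh/\r\n\r\n",
    "same_site": "HTTP/1.1 302 Found\r\nLocation: /index.php?from=https://interact.sh\r\n\r\n",
    "lookalike": "HTTP/1.1 302 Found\r\nLocation: https://interact.sh.example.com/\r\n\r\n",
    "not_redirect": "HTTP/1.1 200 OK\r\nLocation: https://interact.sh\r\n\r\n",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:16} open_redirect={is_open_redirect(raw)}")
```

The same_site and lookalike cases are the false positives a plain substring match on the header would report; comparing the parsed host rules them out.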

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /bitrix/rk.php?goto=... /bitrix/redirect.php... /bitrix/redirect.php... (+9 paths)
Matching conditions
regex: (?m)^(?:Location\s*?:\s*?)(?:https?://|/... and
status: 302, 301
Passive global matcher
No matching conditions.
On match action
Report vulnerability