Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

SAP Solution Manager - Open Redirect

By kannthu

Medium
Vidoc logoVidoc Module
#redirect#sap
Description

What is the "SAP Solution Manager - Open Redirect?"

The "SAP Solution Manager - Open Redirect" module is designed to detect an open redirect vulnerability in SAP Solution Manager. This vulnerability allows an attacker to redirect a user to a malicious website by exploiting the logoff endpoint. The severity of this vulnerability is classified as medium, with a CVSS score of 6.1.

This module was authored by Gal Nagli.

Impact

If successfully exploited, this open redirect vulnerability in SAP Solution Manager can lead to potential security risks. An attacker could redirect users to malicious websites, potentially exposing them to phishing attacks, malware downloads, or other malicious activities.

How the module works?

The "SAP Solution Manager - Open Redirect" module works by sending a GET request to the "/sap/public/bc/icf/logoff" endpoint with a redirect URL parameter. It then checks the response for specific conditions to determine if the open redirect vulnerability exists.

The module's matching conditions include:

- Checking if the response status is a 302 redirect - Checking if the response header contains either "Location: https://www.interact.sh" or "Location: https://interact.sh"

If both conditions are met, the module reports the vulnerability.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/sap/public/bc/icf/l...
Matching conditions
status: 302and
word: Location: https://www.interact.sh, Locat...
Passive global matcher
No matching conditions.
On match action
Report vulnerability