gratipay / security-00004

redirect while opening links in new tabs
Reported by hami hax to [email protected]:
Hello Team,

I'd like to report to you a nice little bug about opening links in new tabs.

When you open a link in a new tab (target="_blank"), the page that opens in a new tab can access the initial tab and change its location using the window.opener property.

POC: http://newbangaloreprojects.com/non.html (just click on the link, don't worry, no harm will be done).

Don't right-click it and open it in a new tab, don't use the mouse wheel to open it, don't Ctrl+Click, just do a normal click on the link.

The JavaScript code that does all the magic:

    window.opener.location.replace(newURL);

When someone clicks the link it automatically redirects to http://newbangaloreprojects.com/loginpy.html, my phishing page :-p

I hope you see why this is dangerous: this method has huge potential for tricking gratipay.com users that click on external links from this site into being victims of a scam page, because the redirecting is made in the background, while the user is focused on another tab.

More than that, some browsers like Mozilla for Android don't even display the URL, just the page title, so the user has no way of knowing that he was redirected to a scam page.

Tested on Chrome version 36 (latest version), Firefox for Windows and Android (latest versions).

Websites that protect themselves against this kind of attack: google.com websites, twitter.com (they open links in new tabs, but the window.opener property is set to null).

Here's the code I use for this exploit:
```html
<html>
<!-- Runs as soon as this page loads in the new tab: it navigates the tab
     that opened it (window.opener) to the phishing page, while the user is
     looking at the cat picture in this tab. -->
<script>
  window.opener.location.replace('http://newbangaloreprojects.com/loginpy.html');
</script>
My cool page with some funny cat pictures.<br>
<br>
<img style="height:400px; width:300px;" src="http://static.tumblr.com/81b6d42b4064def5e9062d5f4410c820/betml74/Yl5ml0lia/tumblr_static_impress.jpg">
</html>
```
I hope you check it. Thanks :)
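The two defences the report alludes to (google.com and twitter.com nulling window.opener), as an added example that is neither the reporter's code nor Gratipay's. The function names, the regular expressions and the sample HTML are this example's own assumptions: `hardenBlankTargets` post-processes rendered HTML so every `target="_blank"` anchor also carries `rel="noopener noreferrer"`, and `openWithoutOpener` shows the script-side trick of opening a blank window, nulling its opener while it is still same-origin, and only then navigating it.

```javascript
// Added example, not Gratipay's code: two defences against the
// window.opener ("reverse tabnabbing") attack described in the report.
// Function names and the sample HTML below are this example's own.

// Matches an <a ...> opening tag and captures its attribute text.
// Good enough for HTML emitted by your own template or markdown renderer;
// untrusted markup should go through a real sanitizer (e.g. DOMPurify) instead.
const ANCHOR_RE = /<a\b([^>]*)>/gi;
// name="value", name='value', name=value, or a bare boolean attribute.
const ATTR_RE = /([^\s"'>\/=]+)(?:\s*=\s*("[^"]*"|'[^']*'|[^\s"'>]+))?/g;

function parseAttrs(attrText) {
  const attrs = new Map();
  for (const m of attrText.matchAll(ATTR_RE)) {
    let value = m[2];
    if (value !== undefined && (value[0] === '"' || value[0] === "'")) {
      value = value.slice(1, -1);              // strip the surrounding quotes
    }
    attrs.set(m[1].toLowerCase(), value === undefined ? null : value);
  }
  return attrs;
}

function serializeAttrs(attrs) {
  return [...attrs]
    .map(([name, value]) =>
      value === null ? name : `${name}="${value.replace(/"/g, '&quot;')}"`)
    .join(' ');
}

// Defence 1 (server side / at render time): every anchor that opens a new
// tab gets rel="noopener noreferrer". With noopener the new document sees
// window.opener === null, so opener.location.replace() has nothing to act on.
// noreferrer is kept for browsers that implemented it before noopener existed.
function hardenBlankTargets(html) {
  return html.replace(ANCHOR_RE, (tag, attrText) => {
    const attrs = parseAttrs(attrText);
    if ((attrs.get('target') || '').toLowerCase() !== '_blank') return tag;
    const rel = new Set((attrs.get('rel') || '').toLowerCase().split(/\s+/).filter(Boolean));
    rel.add('noopener');
    rel.add('noreferrer');
    attrs.set('rel', [...rel].join(' '));
    return `<a ${serializeAttrs(attrs)}>`;
  });
}

// Defence 2 (client side, for links opened from script): the trick the report
// credits twitter.com with. Open a blank window first, while it is still
// same-origin and its opener may be written, null the opener, then navigate.
// `win` defaults to the real window; a test can pass a stand-in object.
function openWithoutOpener(url, win = globalThis.window) {
  const child = win.open('', '_blank');
  if (!child) return null;                     // popup blocked
  child.opener = null;
  child.location = url;
  return child;
}

// Constructed sample: the kind of markup a profile page with external links produces.
const SAMPLE_HTML =
  '<p>See <a href="http://newbangaloreprojects.com/non.html" target="_blank">my site</a> ' +
  'and <a href="https://gratipay.com/about/">about</a>.</p>';

console.log(hardenBlankTargets(SAMPLE_HTML));
```

Only the first anchor is rewritten, and running the function twice yields the same output, so it is safe to apply at every render. Current browsers (Chrome 88+, Firefox 79+, Safari 12.1+) already treat `target="_blank"` as implying `noopener`, so the report's demo no longer works there unless the page opts back in with `rel="opener"`; the explicit `rel` attribute still belongs in the rendered HTML for older clients, and the `window.open` variant is what script-driven links needed before browsers accepted the `noopener` window feature.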