------------------------------------------------ YOUTUBE OPEN REDIRECT VULNERABILITY ------------------------------------------------ Date: 23.03.2024 Author: Anezatra Test Platform: Windows 10 / Android ------------------------------------------------ WHAT IS A OPEN REDIRECT VULNERABILTY ------------------------------------------------ Open redirect vulnerability is a security flaw commonly found in web applications. It allows malicious actors to redirect users to unintended or malicious websites using seemingly legitimate redirection mechanisms. Attackers exploit this vulnerability by crafting URLs with parameters that control the redirection, often leading users to phishing or malware-infected sites. Web developers should exercise caution and implement proper security controls to mitigate the risks associated with open redirect vulnerabilities. ------------------------------------------------ POC TEST - REDIRECT DESTINATION ------------------------------------------------ target: example.com https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbTBuQmxJWmlDWGl3NFJqNVNnT0FJOXRFTlkwUXxBQ3Jtc0ttX0F6V1pSSVFaTlB1X3pzMW11Q2dSZVNCYThYb2thdlNJcmtkeEctcWoyMUtYZjhsOGVsWlJtam9teTFNcGlPcHdmNnZtZFI1NXliRFNXWEdXRk9kU183cEVDOEtoSEFVMEZvbGNuem5rcEtqZ1RyTQ&q=https://example.com [*] Exploit successfully [*] Contact: [email protected] [*] Github: https://github.com/anezatra