1
00:00:00,270 --> 00:00:07,560
All right, now let's talk about this open redirection. Suppose there is a backend script

2
00:00:07,560 --> 00:00:14,380
in PHP and this header function redirects to the string specified in this argument.

3
00:00:15,150 --> 00:00:21,240
So if you a header of guru.com, then the site returns to guru.com.

4
00:00:21,390 --> 00:00:23,250
So this is not a vulnerability.

5
00:00:23,580 --> 00:00:25,530
Of course it's a minor vulnerability.

6
00:00:25,530 --> 00:00:34,500
But when combined with XSS, so this, uh, that you are or the water can be stored on the database,

7
00:00:35,010 --> 00:00:39,070
uh, in XSS, uh, when there is this vulnerability.

8
00:00:39,300 --> 00:00:46,160
So after that, whenever any user visits then that could open the database will execute this redirection.

9
00:00:46,410 --> 00:00:54,840
So we're going to see this, open that and you can change it with XSS, our decision to write it

10
00:00:54,840 --> 00:00:57,160
down to some other location.

11
00:00:57,540 --> 00:00:59,890
So generally this would result.

12
00:01:01,230 --> 00:01:06,800
Generally this would result in the site defacing, uh, where you can see the site was a different way.

13
00:01:07,380 --> 00:01:07,890
You can see.

14
00:01:08,040 --> 00:01:09,900
So this is open redirection.

15
00:01:09,900 --> 00:01:15,810
They will take advantage of this XSS, stored XSS, and then, uh, they'll use this.

16
00:01:16,290 --> 00:01:18,950
So no header of dislocation.

17
00:01:18,960 --> 00:01:22,140
So first we are going to have a demonstration.

18
00:01:22,140 --> 00:01:26,720
I have put this function to get the value of URL.

19
00:01:26,740 --> 00:01:34,440
Well, then it will be open to the stream location and then put the space and then the page we to this

20
00:01:34,440 --> 00:01:34,900
location.

21
00:01:36,150 --> 00:01:44,310
So this is a PHP script and we cannot execute in Windows because we do not have XAMPP server or

22
00:01:44,310 --> 00:01:47,480
any other page feedback software.

23
00:01:47,730 --> 00:01:49,800
So that's what I'm going to open.

24
00:01:49,800 --> 00:01:50,280
This matters.

25
00:01:50,280 --> 00:01:58,800
But I have already, uh, uh, copied the code you can see here unless I am involved with the UAW.

26
00:01:58,980 --> 00:02:05,280
And if you say get a redirect that page and you can see this code, so.

27
00:02:06,220 --> 00:02:16,350
It's the same code header of the location press and this one you the value of the water available to

28
00:02:16,360 --> 00:02:16,470
us.

29
00:02:16,570 --> 00:02:20,980
Now, let's go to this address.

30
00:02:23,280 --> 00:02:31,080
So actually, right now we do not get any output because there is not any actual statement.

31
00:02:31,800 --> 00:02:39,910
So what we want to do is want to say, question mark, URL is equals to HDTV.

32
00:02:39,910 --> 00:02:42,130
Yes, that's Goulder.

33
00:02:44,040 --> 00:02:52,410
So no, if I hit enter, this page will be redirected to this Google Rock'em Index, which as you can

34
00:02:52,410 --> 00:02:55,010
see now, Google dot com has been destroyed.

35
00:02:55,580 --> 00:02:56,380
Me go back.

36
00:02:56,670 --> 00:03:05,900
So in this way you can just simply use, uh, this, uh, header function if you find any in the background

37
00:03:05,940 --> 00:03:10,470
to identify this as the function or any, uh, taking the input.

38
00:03:10,470 --> 00:03:16,460
Then you can, uh, redirect this page to this, uh, any location you want, then really the purpose

39
00:03:16,560 --> 00:03:19,980
to use the, uh, URL encoding and base64 encoding.

40
00:03:20,610 --> 00:03:22,350
So let's see that also.

41
00:03:27,910 --> 00:03:31,000
So what I want to do is I want to see your order.

42
00:03:31,580 --> 00:03:38,410
So this is the back and forth on the front and JavaScript encodes are generally the browser encodes

43
00:03:38,410 --> 00:03:39,190
into the order.

44
00:03:39,220 --> 00:03:45,240
So in the background that there decode this, uh, this variable.

45
00:03:45,580 --> 00:03:46,870
That's what another one.

46
00:03:49,070 --> 00:03:51,320
OK, now it's perfect.

47
00:03:52,420 --> 00:04:01,220
Our attitude is, so what is your critical function takes the doses, it will take the, uh, value

48
00:04:01,220 --> 00:04:05,850
and it will be the you order and it will happen to this location.

49
00:04:06,530 --> 00:04:13,790
So first, we need to encode our daughter in order to send, uh, in order to make the reader successful.

50
00:04:13,820 --> 00:04:15,620
Let's type in Google your order.

51
00:04:15,620 --> 00:04:19,780
And so let's go to the theater and correct.

52
00:04:19,790 --> 00:04:26,480
That are now based in the holy water you want to, uh, return to.

53
00:04:29,530 --> 00:04:38,050
That's a good outcome and quote, and now you get this, uh, encoding format, so you use this encoding

54
00:04:38,050 --> 00:04:46,270
format to avoid some special characters with greater than, less than, quotations, etc. Spaces are.

55
00:04:46,270 --> 00:04:49,290
Those characters will be converted to some special characters.

56
00:04:49,510 --> 00:04:54,970
So whenever a server balances this, it will be converted into Corra Ancestress, etc.

57
00:04:55,900 --> 00:04:58,840
So, no, I think we need to refresh this page.

58
00:04:58,990 --> 00:05:00,170
Yes, we have to finish it.

59
00:05:00,820 --> 00:05:04,480
Now, what I can do is I can say you are easy to install.

60
00:05:05,310 --> 00:05:07,150
Able will come back to this.

61
00:05:07,870 --> 00:05:09,210
You are incorrect data.

62
00:05:10,290 --> 00:05:13,000
You can see it should be a singular.

63
00:05:13,240 --> 00:05:15,430
Only some special characters have been modified.

64
00:05:15,760 --> 00:05:18,710
Now if I hit enter, we should return to guru.com.

65
00:05:19,660 --> 00:05:22,470
So as you guys can see, we have to split the router.

66
00:05:24,040 --> 00:05:27,700
So another encoding I want to tell is that is base64.

67
00:05:27,700 --> 00:05:35,560
And so we have already seen bushwalk, but let's implement this in our PHP Malenko.

68
00:05:36,760 --> 00:05:46,090
So instead of you, are the contents of this 64 underscore because let's say this.

69
00:05:48,520 --> 00:05:54,430
So let's go to be 64 and so you can also do this in the bar.

70
00:05:54,970 --> 00:05:59,040
There is a encoding and decoding options in the pursuit of what?

71
00:05:59,080 --> 00:06:02,190
I just you can use this on iTunes as well.

72
00:06:02,590 --> 00:06:08,200
If you are using Linux, there is a pull a message for you can retrieve the group from a group from

73
00:06:08,200 --> 00:06:11,320
the group and also the group from the terminal itself.

74
00:06:19,450 --> 00:06:26,230
So this is a basis for encourage farmers to forego their community colleges and let's dispense to make

75
00:06:26,230 --> 00:06:28,880
sure that our recent record has been included.

76
00:06:29,500 --> 00:06:33,800
And now let's say URL is equal to let's finish this one.

77
00:06:34,180 --> 00:06:39,940
So this will really go to good outcome and then it will be a to location and it will be there.

78
00:06:41,200 --> 00:06:44,460
Now, as you can see, we have successfully to guru.com.

79
00:06:44,860 --> 00:06:51,910
So this is the basic way of open redirection so that our personal, uh, encored two or three times

80
00:06:51,910 --> 00:06:53,500
for security purposes.

81
00:06:54,520 --> 00:06:54,970
Uh.

82
00:06:55,000 --> 00:07:02,350
Like the right combination of this water and the basic Shefford and British foreign water, etc.

83
00:07:02,860 --> 00:07:07,910
So you need to identify how it's going to work.

84
00:07:08,020 --> 00:07:15,280
So if you identify that, you can just, uh, identify the type of this encoding and then you can just,

85
00:07:15,650 --> 00:07:18,410
uh, simply pass that and call it a stream.

86
00:07:18,730 --> 00:07:22,970
So that's how far this video about this open redirection, though it's a minor vulnerability.

87
00:07:22,990 --> 00:07:25,750
You can change it with XSS are more correct decryption.

88
00:07:26,530 --> 00:07:31,990
And you can just simply, uh, redirect anyone to that or your desire to have.