Security researcher Chiang Yo Kay discovered an open URL redirection vulnerability in the Interswitch Nigeria payment portal that allowed him to make a webpay.interswitchng.com link redirect to any website without restriction.
An open URL redirection flaw is generally used to convince a user to click on a link on a trusted domain that has been crafted to send them to an arbitrary website; the target site can then serve malware or host a phishing page.
The Interswitch open URL redirection vulnerability existed on the ResponsePost page, in the "url" parameter:
https://webpay.interswitchng.com/paydirect/Pay/ResponsePost/?url=
Supplying any valid URL in the url parameter redirected the browser there, e.g.
https://webpay.interswitchng.com/paydirect/Pay/ResponsePost/?url=http://www.junkyware.info
This redirects to another domain, www.junkyware.info.
This could be exploited to deliver malware remotely, steal credit card details, etc.
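The fix for this class of bug is to validate the redirect target on the server before following it. The following is an added example, not Interswitch's code: it contrasts the flawed "follow whatever is in url=" behaviour with a validator that accepts only site-local paths or http(s) URLs on an allow-listed host (the allow-list here, the handler names and the access-log lines are all assumptions constructed for the example), and reuses the same validator to flag off-site redirect attempts in a combined-format web server log.

```python
# Added example (not Interswitch's code): validating a redirect target such as the
# "url" parameter of a ResponsePost-style page, plus a log check for abuse attempts.
from urllib.parse import urlparse, parse_qs

# Assumption: the only host a post-payment redirect may land on is the portal itself.
ALLOWED_HOSTS = {"webpay.interswitchng.com"}


def vulnerable_resolve(target: str) -> str:
    """The flawed behaviour described above: whatever is in ?url= is followed as-is."""
    return target


def is_safe_redirect(target: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """True only if `target` is a site-local path or an http(s) URL on an allowed host."""
    if not target:
        return False
    target = target.strip()
    # Embedded whitespace or control characters never belong in a redirect target.
    if any(ord(ch) < 0x21 for ch in target):
        return False
    parsed = urlparse(target)
    if parsed.scheme:
        # Absolute URL: only http(s), and only to an allow-listed host. Checking
        # .hostname rather than .netloc defeats "http://allowed@evil.example" tricks.
        if parsed.scheme not in ("http", "https"):
            return False
        return (parsed.hostname or "").lower() in allowed_hosts
    # No scheme: browsers treat "//host", "\\host" and "/\host" as scheme-relative,
    # i.e. as a different site, so only a single-slash local path is accepted.
    if target.startswith(("//", "\\", "/\\")):
        return False
    return target.startswith("/")


def resolve_redirect(target: str, fallback: str = "/") -> str:
    """Hardened replacement: follow the target only if it passes validation."""
    return target.strip() if is_safe_redirect(target) else fallback


def find_redirect_abuse(access_log: str):
    """Return (client, url-value) pairs from a combined-format log whose ?url= points off-site."""
    findings = []
    for line in access_log.splitlines():
        parts = line.split('"')
        if len(parts) < 2:
            continue
        request = parts[1]  # e.g. 'GET /paydirect/Pay/ResponsePost/?url=... HTTP/1.1'
        fields = request.split(" ")
        if len(fields) < 2:
            continue
        query = urlparse(fields[1]).query
        for value in parse_qs(query).get("url", []):
            if not is_safe_redirect(value):
                findings.append((line.split(" ")[0], value))
    return findings


# Constructed sample log lines (not real traffic); the hostnames are from the post above.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2020:13:55:36 +0000] "GET /paydirect/Pay/ResponsePost/?url=http://www.junkyware.info HTTP/1.1" 302 0
203.0.113.9 - - [10/Oct/2020:13:55:40 +0000] "GET /paydirect/Pay/ResponsePost/?url=/paydirect/Pay/Receipt HTTP/1.1" 302 0
203.0.113.7 - - [10/Oct/2020:13:55:41 +0000] "GET /paydirect/Pay/ResponsePost/?url=//evil.example/login HTTP/1.1" 302 0
"""

if __name__ == "__main__":
    for client, value in find_redirect_abuse(SAMPLE_LOG):
        print(f"off-site redirect requested by {client}: {value}")
```

The validator deliberately rejects anything it does not positively recognise (unknown schemes, protocol-relative and backslash forms, userinfo tricks) rather than trying to enumerate bad inputs, and the handler falls back to a fixed local page instead of erroring, so a malformed parameter cannot be used to break the payment flow either.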
Watch the proof of concept video below:
https://www.youtube.com/watch?v=jsCzyrpGisw
UPDATE:
The vulnerability was reported by Chiang Yo Kay.
The admin responded to our bug report and patched the security hole.
2 comments
I can't browse to the URL above.
It has been patched immediately by the admin after being reported. Stay tuned for more updates.