Invalid URI Redirection with Apache mod_rewrite Logo

Invalid URI Redirection with Apache mod_rewrite

0
Free
Visit Website

There have been times when a curious phish recipient or a zealous help desk staff has loaded the phishing link in their browser and decided to take a peek at a higher directory or the root domain. Of course, most times there isn’t much else site to see. In those cases, the chances of being reported to IR went up significantly, sometimes leading to a phishing campaign being blocked. This is where invalid URI redirection comes in handy. We can whitelist resources the Apache server will proxy for the targets and redirect any other requests to the target’s real domain or another page of our choosing. In the demo below, the user navigates to spoofdomain.com/really/long/url.html and is served a page; however, when the user navigates to spoofdomain.com/really/ the browser is redirected to google.com. RewriteEngine On RewriteCond %{REQUEST_URI} ^/(profiler|payload)/?$ [NC,OR] RewriteCond %{HTTP_REFERER} ^http://SPOOFED-DOMAIN.com [NC] RewriteRule ^.*$ http://TEAMSERVER-IP%{REQUEST_URI} [P] RewriteRule ^.*$ http://REDIRECTION-URL.com/? [L,R=302] Line by line explanation: Enable the rewrite engine If the request's URI is either '/profiler' or '/payload' (with an optional trailing slash), ignoring case; OR If the request's referer starts with 'http://SPOOFED-DOMAIN.com', ignoring case;

FEATURES

ALTERNATIVES

A low overhead rate limiter for your routes

Octoscan is a static analysis tool that scans GitHub Actions workflows for security vulnerabilities and misconfigurations.

An agentless API security platform that discovers, tests, and secures APIs through source code analysis without requiring traffic monitoring.

A tool to conduct preliminary security checks in code, infrastructure, or IAM configurations using various open-source tools.

A free online tool that scans and fixes common security issues in WordPress websites.

SearchCode is an extensive code search engine that indexes 75 billion lines of code from millions of projects to help developers find coding examples and libraries.

A SaaS-based web application firewall that combines signature and behavioral-based threat detection to protect applications deployed across cloud, on-premises and edge environments.

SAST and malware analysis tool for Android APKs with detailed scan information.