Recently...
i'm just join android security & malware telegram group, it is a very cool channel that talk about security, privacy, malware on Google Play, bugs, vulnerabilities, data leaks, bug bounty hunting, security tips & tutorials, tools, hacks, ethical hacking, penetration testing, forensic..etcwhen i was scrolling around contents, i stumble upon a post from andmp about vulnerability in URL address bar of UC browser that allow hacker to launch a phising website.
Cause: "browsers are trying to enhance the User Experience by just displaying the search term for certain URL patterns" & "bad regex check"
and
POC: www.google.com.attacker.domain/?q=www.facebook.com
I try to deliver the POC BUT i think it's not quite what i expect. LET ME EXPLAIN
i try to test the poc using adb for saving my time rather than have to type that long URL address. Download
~# adb shell input text www.google.com.blogspot.com/?q=facebook.com
~# adb shell input text www.google.com.evil.com/?q=instagram.com
when i try to input both of the URL it work flawlessly the URL bar only show the query to the user but things get a little bit out of hand when i try to use other domain name, such as:
~# adb shell input text www.google.com.andmp.com/?q=paypal.com
~# adb shell input text www.google.com.medium.com/?q=instagram.com
~# adb shell input text www.google.com.hackerone.com/?q=instagram.com
it always return an error and cannot find the domain. so i try to test the DNS using dig
Both of the domain in the first testing return a valid ip address but the rest of the three domain are not so lucky. At this time i am bewildered, i cannot determine whether it is domain fault that cannot map the ip address or i download a wrong version or there is something that i am missing. Leave your thoughts in comment below, i appreciate it. :)
Comments
Post a Comment