DVWA - Open HTTP Redirect - Medium

Time: 2024-06-07 20:54:10

Looking at the back-end code, we can see that the back end filters the redirect parameter: if the value matches http:// or https:// (the regex is case-insensitive and unanchored, so a match anywhere in the value counts), the script returns a 500 response code and stops running.

<?php

// Medium-level source as shipped by DVWA (deliberately weak): a blacklist on
// the redirect parameter. Only the literal strings http:// and https:// are
// refused; anything else is passed straight into the Location header.
if (array_key_exists ("redirect", $_GET) && $_GET['redirect'] != "") {
	if (preg_match ("/http:\/\/|https:\/\//i", $_GET['redirect'])) {
		// Absolute URL with an explicit scheme: refuse and stop.
		http_response_code (500);
		?>
		<p>Absolute URLs not allowed.</p>
		<?php
		exit;
	} else {
		// Everything that survived the blacklist is redirected to as-is.
		header ("location: " . $_GET['redirect']);
		exit;
	}
}

// No redirect parameter (or an empty one) was supplied.
http_response_code (500);
?>
<p>Missing redirect target.</p>
<?php
exit;
?>
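For comparison, here is the allow-list approach a defender would use instead of the blacklist above. This is an added example and not DVWA's own code: the function name safe_redirect_target and the sample paths are my own, and it assumes that only paths rooted on this site are ever legitimate redirect targets. Rather than enumerating bad prefixes, it parses the value and rejects anything that carries a scheme, host or credentials, anything that is not a single-slash-rooted path, and anything containing control characters or backslashes, so protocol-relative and scheme-less forms that a blacklist overlooks are refused by construction.

```php
<?php
// Added example (not DVWA's code): allow-list validation for a redirect target.
// Returns the target unchanged if it is a same-site rooted path, otherwise null.
function safe_redirect_target(string $target): ?string
{
    // Empty values and control characters (including CR/LF, which would allow
    // header injection through header()) are refused outright.
    if ($target === '' || preg_match('/[\x00-\x1f\x7f]/', $target)) {
        return null;
    }
    // Some browsers treat a backslash like a forward slash; do not try to
    // reason about it, just refuse it.
    if (strpos($target, '\\') !== false) {
        return null;
    }
    $parts = parse_url($target);
    if ($parts === false) {
        return null; // seriously malformed URL
    }
    // A scheme, host or userinfo means the value is absolute or
    // protocol-relative, i.e. it can leave this site.
    if (isset($parts['scheme']) || isset($parts['host'])
        || isset($parts['user']) || isset($parts['pass'])) {
        return null;
    }
    $path = $parts['path'] ?? '';
    // Require a path rooted on this site with exactly one leading slash.
    if ($path === '' || $path[0] !== '/' || substr($path, 0, 2) === '//') {
        return null;
    }
    return $target;
}

// Constructed inputs (hypothetical paths, not DVWA's) and the verdict expected
// from the allow-list: true = redirect allowed, false = refused.
$cases = [
    '/app/info.php?id=1'          => true,
    '/app/page'                   => true,
    'info.php'                    => false, // not rooted on this site
    'http://example.com/'         => false,
    'HTTPS://example.com/'        => false,
    '//example.com/'              => false, // protocol-relative
    '/\\example.com'              => false, // backslash trick
    'javascript:alert(1)'         => false, // non-HTTP scheme
    "/ok\r\nSet-Cookie: a=b"      => false, // header injection attempt
];
foreach ($cases as $input => $expected) {
    $allowed = safe_redirect_target($input) !== null;
    printf("%-30s %s\n", json_encode($input), $allowed === $expected ? 'ok' : 'MISMATCH');
}

// How the handler would use it (same parameter name as the DVWA page).
if (array_key_exists('redirect', $_GET)) {
    $target = safe_redirect_target($_GET['redirect']);
    if ($target === null) {
        http_response_code(400);
        echo '<p>Invalid redirect target.</p>';
    } else {
        header('Location: ' . $target, true, 302);
    }
    exit;
}
```

Run it from the command line with php and every line should print ok; the block only validates and reports when no redirect parameter is present, so it is safe to execute outside a web server.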