xray icon indicating copy to clipboard operation
xray copied to clipboard

Published 20 hours ago verified publisher icon chaitin

add poc-yaml-office365-open-redirect

Open tangxiaofeng7 opened this issue 3 years ago • 2 comments

本 poc 是检测什么漏洞的

office365-open-redirect

测试环境

fofa: app="Outlook-Web-App"

备注

image

tangxiaofeng7 avatar Nov 08 '21 02:11 tangxiaofeng7

师傅,能具体解释下这个漏洞么?

smile-jpg avatar Nov 10 '21 08:11 smile-jpg

师傅,能具体解释下这个漏洞么?

攻击者服务器开启Autodiscoverv1服务就可以做到url重定向

exp: https://mail.xx.com/autodiscover/autodiscover.json/v1.0/[email protected]?Protocol=Autodiscoverv1

tangxiaofeng7 avatar Nov 12 '21 02:11 tangxiaofeng7

当前贡献POC的形式和奖励都有所变更,如果您现在还希望提交POC,可以参考此处的相关信息进行提交,感谢您的贡献

https://docs.xray.cool/excitation/reward

h3ak avatar Mar 28 '24 10:03 h3ak