Name: Allowlist Bypass (formerly Whitelist Bypass)
Description: Enforce a redirect to a page you are not supposed to redirect to.
Difficulty: 4 star
Category: Unvalidated Redirects
Expanded Description: https://pwning.owasp-juice.shop/part2/unvalidated-redirects.html
The last of the 4 star challenges!
OK, so it looks like the format is “http://localhost:3000/redirect?to=”, then a website. First, I wanted to see what happened when I tried to redirect to nowhere.
Nothing special happened aside from the 406 error, so I tried redirecting to this blog.
Again, I received a 406 error.
Being fairly inexperienced in web development, I was a little stumped as to what the challenge wanted me to do. I didn’t realize that it wanted me to route my redirect to one of the allowed websites through a disallowed site, which makes quite a bit of sense in retrospect.
In short, the solution I used was to navigate to “http://localhost:3000/redirect?to=http://kimminich.de?pwned=https://github.com/bkimminich/juice-shop”.
Now it’s on to the 5 star challenges, where I, for some reason, have been having much more luck than with the 4 star challenges.
Prevention and Mitigation Strategies:
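The solution URL above only works when the redirect target is accepted because it merely contains an allowlisted URL somewhere in the string (here, inside the `pwned=` query parameter). The example below is an added illustration of that weakness and its fix, not Juice Shop's own code: a substring-based check in the style that the bypass relies on, next to a check that parses the target and compares its origin and path against the allowlist. The allowlist contents, the `ALLOWED_REDIRECTS` name and both function names are assumptions made for this example; the second allowlist entry is constructed.

```javascript
// Added example (not Juice Shop's code): substring allowlist vs. parsed-origin allowlist.

// Constructed allowlist for the example. The first entry is the allowed URL used in
// the write-up; the second is made up to show that several entries are supported.
const ALLOWED_REDIRECTS = [
  'https://github.com/bkimminich/juice-shop',
  'https://example.com/shop',
];

// Weak check: the target is "allowed" if any allowlisted URL appears anywhere in it.
// A target such as http://other.host/?x=<allowed URL> passes, even though the browser
// is sent to other.host.
function isRedirectAllowedSubstring(to) {
  return ALLOWED_REDIRECTS.some((allowed) => to.includes(allowed));
}

// Stronger check: parse the target as an absolute URL, insist on http(s), and require
// the scheme+host+port (origin) to match an allowlist entry exactly, with the path
// equal to, or nested under, the allowlisted path. Query strings and fragments are
// ignored for the comparison, so they cannot influence the decision.
function isRedirectAllowedStrict(to) {
  let target;
  try {
    target = new URL(to); // throws on relative or malformed input
  } catch (e) {
    return false;
  }
  if (target.protocol !== 'http:' && target.protocol !== 'https:') {
    return false;
  }
  return ALLOWED_REDIRECTS.some((allowed) => {
    const a = new URL(allowed);
    const basePath = a.pathname.replace(/\/$/, '');
    return (
      target.origin === a.origin &&
      (target.pathname === a.pathname || target.pathname.startsWith(basePath + '/'))
    );
  });
}

// Runs both checks over a few targets and returns the verdicts, so the difference is
// visible in one place. The bypass URL is the one from the write-up.
function compareChecks() {
  const samples = [
    'https://github.com/bkimminich/juice-shop',
    'http://kimminich.de?pwned=https://github.com/bkimminich/juice-shop',
    'https://github.com/bkimminich/juice-shop/issues',
    '/relative/path',
  ];
  return samples.map((to) => ({
    to,
    substring: isRedirectAllowedSubstring(to),
    strict: isRedirectAllowedStrict(to),
  }));
}

for (const row of compareChecks()) {
  console.log(`${row.to}\n  substring: ${row.substring}  strict: ${row.strict}`);
}
```

The point for a defender is that a redirect allowlist must be compared against a parsed URL (scheme, host, port and path), never against the raw string with `includes` or `indexOf`; anything a user can append after `?` or `#` must not be able to change the verdict. Logging rejected redirect targets is also cheap and makes probing of the endpoint easy to spot.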
Lessons Learned and Things Worth Mentioning:
While I’m sure my lack of front-end experience has caused unnecessary consternation during the course of these challenges, this was the first time where I felt completely clueless from the very beginning. I’m going to need to spend more time studying and playing with front end code so that I can get more comfortable with how the mechanics of a web app truly work.