|
|
|
|
|
|
by edent
2726 days ago
|
|
|
They're also really useful for evading spam filters. I found[1] a bunch of government domains with open redirects. Spammers were sending out emails containing links to `example.gov.uk/redirect?url=dodgy-viagra.ph` - and certain spam filters were trained to whitelist "trusted" domains. You also see a lot of open redirect abuse on forums - especially where they're configured to only show the first few dozen characters of a link. [1] https://www.openbugbounty.org/researchers/edent/ |
|
|