301party.com: Intentionally open redirect

301party.com

92 points by nahikoa a year ago · 15 comments

rlk a year ago

I found a couple of fun tricks you can do with this (for some definition of "fun" anyway).

Go's http.Redirect function allows non-3xx statuses, and also renders a trivial page with a status message and link:

https://301party.com/451?url=javascript:alert(%27hello%27)

Alas not infinitely recursive but enough to make your browser give up:

https://301party.com/301?url=/301?url=/301?url=/301?url=/301...

[edit to add:] https://301party.com/0 causes a panic

  • Pyrodogg a year ago

    I'm so used to getting 451's that the example flew right over my head. First reaction was, "ugh this again [reaches for vpn]".

mmsc a year ago

Is there a bug bounty? I found an open redirect.

denysvitali a year ago

Created by wtfismyip.com - had a good laugh

yjftsjthsd-h a year ago

  metadata.301party.com: 169.254.169.254
  ipv6.metadata.301party.com: [::169.254.169.254]

Why not just one name with both A and AAAA records? ...er, and why not fd00:ec2::254? (I now suspect that there's a subjoke here that I'm missing)

  • bombcar a year ago

    It can be nice to have an address that is guaranteed to be one or the other.

arjvik a year ago

Also of interest: https://redirect.pizza/

65 a year ago

Can someone explain what this is?

zzo38computer a year ago

Fortunately, redirection to a file: URL will result in a browser error. Unfortunately, the browser does not explain what is wrong (although the redirect can be viewed in the developer tools, you might not know to look there, and it still doesn't have an error message to explain the problem).

  • jasonjayr a year ago

    While that is true for modern browsers, some backend http client libraries will follow the redirects. So, if you have a system that, given a URL, fetches + displays the content, and you use a service that issues redirects to things like the AWS metadata service, or file:///etc/passwd --- well, the backend library is gonna redirect to the bad place, if it only checks the initially submitted url.
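
A defensive counterpart to the fetch-and-display scenario in the comment above, added here as an example that is not from the thread or from 301party.com: a fetcher that validates every hop of a redirect chain (scheme allowlist plus a routability check on the resolved address, including IPv4 embedded in IPv6 like the ipv6.metadata name earlier in the thread) instead of only the submitted URL. The function names, the DNS entries and the server responses are my own constructed stand-ins so it runs offline.

```python
import ipaddress
import socket
from urllib.parse import urljoin, urlsplit


def is_safe_url(url, resolve=socket.gethostbyname):
    """(ok, reason): http(s) only, and the host must be globally routable (rejects 169.254.169.254,
    fd00:ec2::254, ::169.254.169.254, loopback and private ranges)."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ("http", "https"):
        return False, f"scheme {parts.scheme!r} not allowed"
    if not parts.hostname:
        return False, "no host"
    try:
        ip = ipaddress.ip_address(parts.hostname)               # literal address in the URL
    except ValueError:
        try:
            ip = ipaddress.ip_address(resolve(parts.hostname))  # hostname: check what it resolves to
        except (OSError, ValueError):
            return False, f"cannot resolve {parts.hostname!r}"
    candidates = [ip]
    if ip.version == 6:  # ::ffff:a.b.c.d and ::a.b.c.d embed an IPv4; older Pythons call the latter global
        embedded = ip.ipv4_mapped
        if embedded is None and int(ip) >> 32 == 0:
            embedded = ipaddress.IPv4Address(int(ip) & 0xFFFFFFFF)
        if embedded is not None:
            candidates.append(embedded)
    for cand in candidates:
        if not cand.is_global:
            return False, f"non-public address {cand}"
    return True, "ok"


def fetch_checking_every_hop(url, do_request, resolve=socket.gethostbyname, max_hops=5):
    """do_request(url) -> (status, headers, body). Every hop is validated before it is fetched.
    A resolve-then-connect gap (DNS rebinding) remains: also pin the connection to the checked IP."""
    hops = [url]
    for _ in range(max_hops + 1):
        ok, why = is_safe_url(url, resolve)
        if not ok:
            raise ValueError(f"refusing {url}: {why}")
        status, headers, body = do_request(url)
        if status not in (301, 302, 303, 307, 308) or not headers.get("Location"):
            return status, body, hops
        url = urljoin(url, headers["Location"])  # a relative Location is resolved against this hop
        hops.append(url)
    raise ValueError(f"more than {max_hops} redirects")

# Constructed offline stand-ins for DNS and for the redirect service (not real data).
FAKE_DNS = {"301party.com": "93.184.216.34", "metadata.301party.com": "169.254.169.254"}
FAKE_SERVER = {"https://301party.com/301?url=http://metadata.301party.com/": (301, {"Location": "http://metadata.301party.com/"}, b""),
               "https://301party.com/302?url=/landing": (302, {"Location": "/landing"}, b""),
               "https://301party.com/landing": (200, {}, b"landed")}
```

Pass `FAKE_SERVER.__getitem__` and `FAKE_DNS.__getitem__` as `do_request` and `resolve` to exercise it offline; the metadata chain is refused at the second hop, the relative chain lands on `/landing`.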

croemer a year ago

Couple of s/redirct/redirect typos

cheesekunator a year ago

"You cannot add 127.0.0.1 or localhost as a callback URL"

...watch me.

  • russelg a year ago

    I was wondering about use cases for this, this makes so much sense now.
