Backup_Repos/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings synced 2025-12-06 17:02:53 +01:00
Code Issues Projects Releases Wiki Activity

Update README.md

Browse source 
Add the "?" trick.
This commit is contained in:
Cervoise 2020-11-26 16:43:10 +01:00 committed by GitHub
parent b918095775
commit e9de4e9d78
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
Open Redirect/README.md
View file

@ -114,6 +114,14 @@ http://www.yoursite.com/http://www.theirsite.com/
http://www.yoursite.com/folder/www.folder.com http://www.yoursite.com/folder/www.folder.com
``` ```
Using "?" characted, browser will translate it to "/?"
```powershell
http://www.yoursite.com?http://www.theirsite.com/
http://www.yoursite.com?folder/www.folder.com
```
Host/Split Unicode Normalization Host/Split Unicode Normalization
```powershell ```powershell
https://evil.c℀.example.com . ---> https://evil.ca/c.example.com https://evil.c℀.example.com . ---> https://evil.ca/c.example.com