Open redirects: Easy to detect, Hard to fix

4 min readDec 10, 2021


Open redirects are pretty dangerous, not because of their impact but because of how easily they can be hidden. We will be exploring some general tips later on but first we need to explain what open redirects are.

The best way to do that in my experience is by example so we will again be building a lab and hacking it before we try to secure it. Open redirects happen when the application redirects the users but does not check the user is sent to the proper resource. Instead, no check is done and every malicious actor could insert their own link into the request and make it appear as if their website is affiliated with the one they are attacking in order to scam people.

I’ve foreseen a space on my FTP server where you can create your own labs. You are going to create them, hack them, and secure them before you learn what I mean by using the right filter for the right job.

Make a connection


  • [ ] FTP connection:
  • [ ] User: Training
  • [ ] Password: test
  • [ ] Create a new file on the server
  • [ ] Use “nickname.php” for example “rat.php” where the nickname can be anything, as long as you can copy and paste it

Let’s create an open redirect

Enter the following code in your file and upload it to the server.

if(isset($_GET[‘url’])){ $redirect_url = $_GET[‘url’]; header(“Location: “ . $redirect_url); }


<form action=YOUR_FILE.php method=”GET”> URL:<input type=”text” id=”url” name=”url”><br> <input type=”submit”> </form>

Take care to replace

<form action=YOUR_FILE.php method=”GET”> With your actual filename

Let’s hack it

Now you should be able to navigate to

Since you know what an open redirect is, can you guess what the problem here is?


No b*llshit Hacking tutorials with extreme value in short bursts