If you’re a user of LiveJournal, or receive any correspondence from someone associated with the site, you could be tricked into clicking a link that appears to reside on the LiveJournal domain but leads somewhere else. The exploit involves a specific URL format that will redirect the victim to a site or file of the malicious user’s choosing. While the exploit itself is simple in nature, its effects could potentially be very harmful.

The exploit involves using part of a LiveJournal URL: *insert your own URL here*

By entering any URL of your choosing at the end, you can creatively disguise a malicious site or even a “gag” link inside the URL.

Exploited URL: *insert your own URL here*

If you replace the *insert your own URL here* part with the URL of your choosing, you will see that by visiting the newly-formed URL, it will redirect to the site you entered.
Pretty crazy, huh?

Here’s an example:

While it looks like you’d be going to a page on the site, it would actually redirect you to my home page. There’s nothing stopping someone from placing a malicious website or even a link to a self-extracting zip file. Once the victim clicks the link, they might end up somewhere they don’t want to be, or find themselves downloading a file without even knowing it!

For what it’s worth, I’ve already let the LiveJournal team know and they are working on a fix as we speak! (Their support is really outstanding!)
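For readers who run their own sites, here is one way a redirect handler can check the target before following it. This is an added example, not part of the original find and not LiveJournal's code; the host names in `ALLOWED_HOSTS`, the `FALLBACK` path and the function name `safe_redirect_target` are assumptions, and the sample inputs are constructed.

```python
from urllib.parse import urlsplit

# Assumptions for this example: the site's own host names and a fallback page.
ALLOWED_HOSTS = {"example.com", "www.example.com"}
FALLBACK = "/"


def safe_redirect_target(target: str) -> str:
    """Return target if it stays on an allowed host, otherwise FALLBACK."""
    if not target or target != target.strip():
        return FALLBACK
    # Browsers treat "\" as "/" and drop tabs/newlines inside URLs, so
    # "/\evil.test" would leave the site. Reject instead of normalising.
    if "\\" in target or any(ord(c) < 0x20 or ord(c) == 0x7F for c in target):
        return FALLBACK
    try:
        parts = urlsplit(target)
    except ValueError:  # malformed authority, e.g. an unclosed IPv6 bracket
        return FALLBACK
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept only a single-slash absolute path.
        # "///evil.test" parses as a path here but browsers read it as a host.
        ok = target.startswith("/") and not target.startswith("//")
        return target if ok else FALLBACK
    if parts.scheme not in ("http", "https"):
        # Covers javascript:, data: and scheme-relative "//host" (empty scheme).
        return FALLBACK
    # .hostname ignores userinfo and port: "example.com@evil.test" -> evil.test
    host = (parts.hostname or "").lower()
    return target if host in ALLOWED_HOSTS else FALLBACK


if __name__ == "__main__":
    # Constructed sample targets, as they might arrive in a redirect parameter.
    samples = [
        "/users/me",
        "https://www.example.com/post/1",
        "https://evil.test/",
        "//evil.test/x",
        "https://www.example.com@evil.test/",
        "https://www.example.com.evil.test/",
    ]
    for s in samples:
        print(f"{s!r:45} -> {safe_redirect_target(s)!r}")
```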

That’s my interesting find for the day!
  1. Sad… You try to do the right thing and warn them (and after I applauded their service no less!) and they don’t exhibit any sense of urgency.

    Thanks for the update, Dave!

