Input Validation Issues - Part 2
This challenge is a bit different from the previous one.
Let's enter a proper URL.
When you click on
View, the website is opened at the lower half of the app. Let's remove the scheme
https:// from the URL.
There is a blank screen. We can understand that the app is not appending the scheme
https:// to the input. Let's try again with some random input.
We get an error
net::ERR_UNKNOWN_URL_SCHEME. So the app completely depends on the user input and runs that irrespective of the entered scheme.
Android browsers also accepts another scheme
file://. This scheme is used to view the contents of files inside the filesystem. Let's give it a try.
Positive results! The app accepts the
file:// scheme. Now let's try to access a previous challenge's file located at
Voila ! We cracked the challenge.
- Whenever an app asks for a URL, try providing
file://scheme. If it renders the contents of a file at a known location, this is a vulnerability