Tracking Redirects with Preserve Log (DevTools) for Pentesting

By /

Listen to this Post

  1. Enable “Preserve log” in the “Network” tab of DevTools to capture all requests across redirects or page loads.
  2. Analyze the request chain for open redirects or sensitive data in query strings.
  3. Replicate the findings in Burp Suite for further testing and exploitation.

Practice-Verified Commands and Codes:

  • Enable Preserve Log in Chrome DevTools:
    Open DevTools (F12 or Ctrl+Shift+I), go to the “Network” tab, and check the “Preserve log” option.

  • Analyze Redirects with cURL:

Use cURL to trace redirects and inspect headers:

curl -v -L http://example.com

The `-v` flag shows verbose output, and `-L` follows redirects.

  • Burp Suite Replication:
    Capture the request in Burp Suite, then use the “Repeater” tool to manually test for vulnerabilities like open redirects.

  • Extract Query Strings with grep:
    If you have a log file, use grep to extract URLs with query strings: 

    grep -oP 'https?://[^?" ]+' logfile.txt

  • Automate Redirect Testing with Python:

Use Python to automate redirect analysis:

import requests

response = requests.get('http://example.com', allow_redirects=True)
for redirect in response.history:
print(redirect.status_code, redirect.url)
print("Final URL:", response.url)

What Undercode Say:

Tracking redirects is a critical skill in pentesting, as it helps identify vulnerabilities like open redirects and sensitive data exposure. By using tools like Chrome DevTools, Burp Suite, and cURL, you can effectively analyze and replicate redirect chains. Enabling “Preserve log” ensures no request is missed, while tools like grep and Python scripts can automate the extraction and analysis of query strings. Always validate findings in Burp Suite to confirm vulnerabilities. For further reading, check out OWASP’s guide on open redirects and Mozilla’s DevTools documentation. Mastering these techniques will enhance your ability to secure web applications and protect against malicious redirects.

Additional Commands:

  • Linux: Use `tcpdump` to capture network traffic: 
    sudo tcpdump -i eth0 -w redirects.pcap
  • Windows: Use `netsh` to trace network activity: 
    netsh trace start capture=yes tracefile=C:\redirects.etl
  • Analyze PCAP Files: Use Wireshark to inspect captured traffic: 
    wireshark redirects.pcap
  • Check DNS Resolution: Use `nslookup` to verify DNS entries: 
    nslookup example.com
  • Test SSL/TLS: Use `openssl` to check SSL certificates: 
    openssl s_client -connect example.com:443

By combining these tools and techniques, you can build a robust pentesting workflow for tracking and analyzing redirects.

References:

Hackers Feeds, Undercode AIFeatured Image

Related Posts: