Discovering a Website HiJacking
What exactly is Website Hi-Jacking? According to "Professor Messer, One way to redirect your browsing activity is to force you to a site that you weren’t intending to visit. In this video, you’ll learn the techniques used to hijack URLs."
Identified a Vulnerability on PDF Document which is available to the public and different websites promoting the FTE Learning platform, The link it heavily promotes to military/veteran is a non-for-profit organization that has been completely hijacked.
The issue ran into was attempting to reporting the flaw to the appropriate department to take down the document to prevent exposure to any public or military personnel. I was also unable to track down the webmaster. Did track the IP address to the corporation that handles web content. The solution to issue attempting to report the vulnerability to CISA to have the link removed from the document.
The website redirects to a rogue nation website with the domain ending in .IR
Tools used:
W3C - Link Checker - https://validator.w3.org/checklink
Virus Total - Scan Vulnerabilities
https://us-cert.cisa.gov/report
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf
Credit:
Professormesser - https://www.professormesser.com/security-plus/sy0-401/url-hijacking/
NIST Cybersecurity Framework - https://www.nist.gov/cyberframework
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf