Collaborate Disseminate
I have a customer service chat that, after ending, can be emailed as a transcript.
Any HTML tags I inject in the chat reflect normally in the pdf, but when I try to inject any iframe, embed or object tags, or script tag, to get AWS metadat… Continue reading SSRF in PDF scenario [closed]
I am cross-posting here on Information Security as well to request input on the security of the Python code I’ve written and whether it can be considered a false positive.
I’m writing a function to return a file from an msys2 package repo,… Continue reading CodeQL: How to resolve partial Server-Side Request Forgery warning when taking user-based input as a FastAPI endpoint?
I`m trying to perform a SSRF attack on a Hack The Box machine (editorial.htb). I’m trying to send a POST request using curl with the command
curl –data "hckyou.txt" -X POST http://editorial.htb/upload
The POST request in "… Continue reading Trying to send a POST request using curl to a HTB machine
I’m working on a function that returns a HTTP response from https://pypi.org/simple/ when Python’s pip installer requests it for a package. When pushing my code onto GitHub, the CodeQL checks warn of the risk of server side request forgery… Continue reading How to resolve server-side request forgery (SSRF) warning for a HTTP request that takes Python package names as input?
I am working on some portswigger labs to get good at web security.
I was doing this lab at the following link: https://portswigger.net/web-security/ssrf/lab-basic-ssrf-against-localhost
Spoiler, you press the "check stock" button… Continue reading Portswigger SSRF basic lab question
Gopher protocol is used a lot when exploiting SSRF, but how?
a Gopher URL takes the form:
gopher://<host>:<port>/<gopher-path>
but let’s take this example:
gopher://10.10.10.3:80/_POST%20/login%20HTTP/1.1%0aContent-Ty… Continue reading SSRF trough Gopher
I am working on a CTF called Internal. I know there are walkthroughs available but I am trying not to look at them for the time being and try and work through things myself. The admin page that is the apparent target is http://10.10.240.10… Continue reading Server Side Request Forgery Vulnerability Question
If I put the browser with burp suite and send it to the repeater and there if I change the referral url to any random url is it a vulnerability?
If it is vulnerable, what is the name of the vulnerability?
If it is not vulnerable please jus… Continue reading We intercept browser in burp and change the referral URL, is it a vulnerability? [closed]
I’m currently doing a pentest and noticed an endpoint where SSRF is possible. The internal request that is sent is a POST request. I would like to find a way to change it to a GET request. I spun up my own server and created a page that pe… Continue reading SSRF change method from POST to GET
Application login request is shown below.
The postgres information is passed via the cabinetName parameter. Is it a vulnerability? is it useful? can we exploit it?
or any other ways to exploit below request?
POST /<REDACTED>/LoginSer… Continue reading postgres database information passing in request can we exploit further? [closed]