SSRF – Page 5 – WindowsTechs.com

is SSRF attack or vulnerability?

Posted on February 2, 2019 by just4learn2

I’m reading now about SSRF attacks, and many articles “SSRF is an attack” and others said “it’s a vulnerability.” Which is correct?

Continue reading is SSRF attack or vulnerability?→

Testing RCE and SSRF using Python SimpleHTTPServer

Posted on September 4, 2018 by user185823

Is it possible to test RCE and SSRF vulnerabilities using Python SimpleHTTPServer? Or should I use a VPS server?

Continue reading Testing RCE and SSRF using Python SimpleHTTPServer→

What is the difference between RFI/LFI and SSRF?

Posted on August 13, 2018 by kozooh

Is there any difference between those? Can we say that Server Side Request Forgery (SSRF) is a generalization of Remote File Inclusion (RFI) and Local File Inclusion (LFI)?

Continue reading What is the difference between RFI/LFI and SSRF?→

Remote SSRF leading to LFI? [closed]

Posted on August 7, 2018 by user183535

I have found a SSRF on my friend’s site.

When I put http://scanme.nmap.org:5555 in an input box, it returns:

Get http://scanme.nmap.org:5555: dial tcp 46.34.32.156:5555: connect: connection refused

How can I read files by… Continue reading Remote SSRF leading to LFI? [closed]→

SSRF when user input is appended to hostname

Posted on August 6, 2018 by user149925

Is it considered a SSRF vulnerability (or is it dangerous at all) if the backend of an application fetches a URL that is somewhat based off of user input, in a way similar to this

get(“https://thehostname.com/a-directory/” +… Continue reading SSRF when user input is appended to hostname→

Server Side request forgery (SSRF) explanation

Posted on August 1, 2018 by Rifat Shommo

I am looking to gain a better understanding of the SSRF vulnerability.
I have googled and watched YouTube tutorials but they all show advanced techniques that are difficult to understand.

I am curious as to how to connect to… Continue reading Server Side request forgery (SSRF) explanation→

How to craft udp packets in ssrf without gopher or with dict?

Posted on May 11, 2018 by Aayush

Hi am a security researcher at a product based company and recently I discovered a ssrf as follows:-

$imgurl = $_REQUEST[‘file_storefrontbanner’][‘C’];
$filename= basename($imgurl);
$header_data = @get_headers($imgurl,1);

… Continue reading How to craft udp packets in ssrf without gopher or with dict?→

What can be done with Blind SSRF?

Posted on April 1, 2018 by Reda LM

I know SSRF can be exploited with the file:// protocol to read local files (something like path traversal) and also scan ports of hosts from the same network as the web server.
but how Blind SSRF can be exploited ?

Continue reading What can be done with Blind SSRF?→

How can SSRF be more dangerous? [on hold]

Posted on March 10, 2018 by Utkarsh Agrawal

How can SSRF be more dangerous? I know through SSRF we can do port scanning But only port Scanning?

Are we able to read the local files? And if we can’t read the local files what further can we do with it?

Continue reading How can SSRF be more dangerous? [on hold]→

how to fix Out-of-band resource load (HTTP) issue identified by BURP scan

Posted on February 20, 2018 by rakesh

I have Salesforce application which is using my web application hosted in one of our customer’s server (IIS 8.0).

BURP Scan has identified one issue in my web application. Issue is something like this.

Severity: High

Con… Continue reading how to fix Out-of-band resource load (HTTP) issue identified by BURP scan→