SSRF proof of concept on bwapp [on hold]
I installed bwapp as a Docker container. Though the bwapp application runs SSRF, it is not possible on it. How to get an SSRF vulnerability on bwapp or other software?
I read this interesting report which describes an SSRF vulnerability that allows fetching internal images by using the url property in a path element. However, even though this vulnerability most likely relies on the server rende… Continue reading SSRF PoC using fill="url(…)" with absolute path
XXE Injection Attacks or XML External Entity vulnerabilities are a specific type of Server Side Request Forgery or SSRF attack relating to abusing features within XML parsers.
The features these attacks go after are widely available but rarely used, and when triggered they can cause a DoS (Denial of Service) and in some cases much more serious escalation, such as extraction of sensitive data or, in the worst case, RCE (Remote Code Execution).
Continue reading XXE Injection Attacks – XML External Entity Vulnerability With Examples
I’m still in the planning stage so this may not be fully fleshed out, but I’m working on a SaaS project, part of which allows users (customers of my SaaS) to configure my API to watch for events and respond in a preconfigured… Continue reading Potential issues allowing users to set any URL as web hook
SSRF or Server Side Request Forgery is an attack vector that has been around for a long time, but do you actually know what it is? Server Side Request Forgery (SSRF) refers to an attack wherein an attacker is able to send a crafted request from a vulnerable web application. SSRF is usually used […]
Read the full post at darknet.org.uk
Continue reading What You Need To Know About Server Side Request Forgery (SSRF)
I’m testing for SSRF vulnerabilities, so my question is: can I resolve an external IP (from another computer on the network) from an SSRF vulnerability?
In this video (0:37) the guy starts a simple HTTP server using Python and then uses a link to fetch a file from the server he just started. But how does this pose a potential security vulnerability?
A file gets uploaded to a… Continue reading SSRF Attack Exploitation Scenario
Newly disclosed FTP injection vulnerabilities in Java and Python that are fueled by rather common XML External Entity (XXE) flaws allow for firewall bypasses. Continue reading Java, Python FTP Injection Attacks Bypass Firewalls
The application lets users specify a URL for their profile picture. It fetches the data from the URL and saves it on the server. However, the app is vulnerable to server-side request forgery (SSRF) – you can specify URLs like file:///etc/p… Continue reading Preventing Server-Side Request Forgeries in Java