Various Server Side Request Forgery Issues

SSRF 1

This SSRF allowed me to view local files on the host as well as port scan internal hosts.

Reading /etc/passwd using the file protocol.

SSRF1

Brute-forcing for log files using BurpSuite Intruder:

SSRF2

SSRF 2

SSRF that had some filtering of 127.0.0.1 and localhost which was bypassed by using 0.0.0.0

SSRF3

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Connecting to %s

%d bloggers like this:

Bug Bounty Findings by Meals