Bypassing SSRF Protection

There’s always more to do…

Image for post
Image for post
Error. Requests to this address are not allowed. Please try again.

SSRF Protection Mechanisms

Bypassing Whitelists

Image for post
Image for post

Bypassing Blacklists

Fooling it with redirects

<?php header(“location: http://127.0.0.1"); ?>

Tricking it with DNS

Using IPv6 addresses

Switching out the encoding

127.0.0.1 translates to 0x7f.0x0.0x0.0x1
127.0.0.1 translates to 0177.0.0.01
127.0.0.1 translates to 0177.0.0.0x1

Conclusion

Happy Hacking!

Hi there, thanks for reading. Please help make this a better resource for new hackers: feel free to point out any mistakes or let me know if there is anything I should add!

Disclaimer: Trying this on systems where you don’t have permission to test is illegal. If you’ve found a vulnerability, please disclose it responsibly to the vendor. Help make our Internet a safer place :)

Professional investigator of nerdy stuff. Hacks and secures. Creates god awful infographics. https://twitter.com/vickieli7

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store