In this video, we cover Lab #7 in the SSRF module of the Web Security Academy. The site uses analytics software which fetches the URL specified in the Referer header when a product page is loaded. To solve the lab, we use this functionality to perform a blind SSRF attack against an internal server in the 192.168.0.X range on port 8080. In the blind attack, we use a Shellshock payload against the internal server to exfiltrate the name of the OS user.
▬ ✨ Support Me ✨ ▬▬▬▬▬▬▬▬▬▬
Buy my course: bit.ly/30LWAtE
▬ 🔗 Links 🔗 ▬▬▬▬▬▬▬▬▬▬
Notes.txt document: github.com/rkh...
Web Security Academy Exercise Link: portswigger.ne...
Rana's Twitter account: / rana__khalil
Oct 1, 2024