Introduction

We covered SSRF vulnerability as part of TryHackMe SSRF room from the Junior Penetration Tester pathway.

Get OSCP Certificate Notes

What is an SSRF?

SSRF stands for Server-Side Request Forgery. It’s a vulnerability that allows a malicious user to cause the webserver to make an additional or edited HTTP request to the resource of the attacker’s choosing.

Types of SSRF

There are two types of SSRF vulnerability; the first is a regular SSRF where data is returned to the attacker’s screen. The second is a Blind SSRF vulnerability where an SSRF occurs, but no information is returned to the attacker’s screen.

What’s the impact?

A successful SSRF attack can result in any of the following:

  • Access to unauthorised areas.
  • Access to customer/organisational data.
  • Ability to Scale to internal networks.
  • Reveal authentication tokens/credentials.

Answers

What does SSRF stand for?

As opposed to a regular SSRF, what is the other type?

What is the flag from the SSRF Examples site?
What website can be used to catch HTTP requests from a server?
What method can be used to bypass strict rules?

What IP address may contain sensitive data in a cloud environment?

What type of list is used to permit only certain input?

What type of list is used to stop certain input?

What is the flag from the /private directory?

Video Walk-through

 

 

, ,
Show Comments

Motasem

About the Author

I create cybersecurity notes, digital marketing notes and online courses. I also provide digital marketing consulting including but not limited to SEO, Google & Meta ads and CRM administration.

View Articles