Exploiting Server Side Request Forgery (SSRF)

In this post, we demonstrated how to exploit SSRF to discover internal hidden services. We performed privilege escalation using Wget exploit CVE-2016-4971. We used lab material from HackTheBox Kotarak.

SSRF or server side request forgery is a vulnerability that allows an attacker to control and manipulate URL parameters to access internal resources or discover hidden services.

Wget Exploit CVE-2016-4971

The exploit works when the [wget] version is before [1.18].

Create a [.wgetrc] config file on your machine and type in the below content.

Create and host the config file with an FTP server using python.

Start a listener on your machine.

Transfer the exploit to the target machine and run it

Download HTB Kotarak Learning Material in PDF

Video Walk-Through

CTF Writeup, CVE, HackTheBox, OWASP, SSRF

Show Comments

Motasem

About the Author

Cybersecurity Trainer MS in Cybersecurity Expertise in Healthcare and Finance Industries Penetration tester and compliance auditor

View Articles

Exploiting Server Side Request Forgery (SSRF) | HackTheBox Kotarak

Leave a Reply Cancel reply

Motasem

About the Author

Press ESC to close

Leave a Reply Cancel reply

Motasem

About the Author

Share Article:

You might also like

Analyzing a Hacked WebServer With Wireshark | HackTheBox Intro To Blue Team | Chase

Exploiting Microsoft Windows Active Directory Certificate Service | CVE-2022-26923

WIFI Penetration Testing With aircrack-ng | TryHackMe Wifi Hacking 101