ctfhub---SSRF

Others 2020-09-21 15:50:33 views: null

1. Intranet access

Directly access 127.0.0.1/flag.php
Insert picture description here

2. Pseudo protocol to read files

You can use the file protocol in the php pseudo protocol to
construct the payload: file:///var/www/html/flag.php
Insert picture description here
flag in the source code
Insert picture description here

3. Port scan

The dict protocol can be used to detect open ports.
Construct payload dict: //127.0.0.1: port number.
Use burpsuite for blasting. The
Insert picture description here
Insert picture description here
open port is 8666
for access.

Insert picture description here
Get flag

Guess you like

Origin blog.csdn.net/tansty_zh/article/details/108524815
Recommended
Ranking
ASP.NET Core storage session to get any value
Linux has disk space but shows insufficient inode usage in Linux
Oral English 433 Twenty English Words Every Day
The use of common transforms in Pytorch
It's Graduation Season II again
Introduction to OracleDB 6: Use DB LINK to clone non-CDB into CDB architecture
How the report generator FastReport .Net uses code to create reports
My Live Writer Plugin - insert monkey face
DCM's diagnostic services dispatcher (DSD) a Detailed
Java NullPointerException when using scanner.hasNext();
Daily
More
2024-05-23(35)
2024-05-22(9)
2024-05-21(35)
2024-05-20(5)
2024-05-19(0)
2024-05-18(31)
2024-05-17(6)
2024-05-16(23)
2024-05-15(5)
2024-05-14(9)

Code World

© 2018 codetd.com