How to prevent SSRF vulnerabilities?
A
Disable redirects
Filter the returned information
If the web application is meant to fetch a specific type of file, verify that the returned content matches the expected format before displaying the result to the user.
Use a uniform error message
Prevent users from inferring the port status of the remote server from error messages.
Restrict the request ports
For example, allow only 80, 443, 8080 and 8090.
Prohibit protocols other than HTTP and HTTPS
For example, allow only http and https requests. This prevents problems caused by requests such as file:///, gopher://, ftp://, etc.
Set a whitelist for the request address, or restrict access to intranet IPs
Q
The principle of XXE vulnerability?
A
When an XML parser processes a document that references external entities, an attacker can supply malicious content through those entities, which can lead to arbitrary file reads, command execution and attacks on the intranet.
Q
How to construct XXE attack?
A
1. Directly through the DTD external entity declaration
2. Import external DTD documents through DTD documents, and then introduce external entity declarations
3. Introduce the external entity declaration through a DTD external entity declaration
Q
What are the harms of an XXE vulnerability?
A
Arbitrary file read
System command execution
Remote code execution
DoS (denial of service) attack
Intranet port probing
Attacking intranet websites
Phishing