// notes/ Web Exploitation
🕸️

SSRF

With input fields that request URL's add the server itself

#web applications#adot8
source · oscp.adot8.com · web-applications/ssrf

SSRF

With input fields that request URL's add the server itself

code
01http://127.0.0.1

In Burp you can take the request and through it into ffuf for port fuzzing

code
01ffuf -request req -request-proto http -w ~/opt/wordlists/ports.txt:FUZZ -fs 61
<figure><img src="/files/3pSwWbAoZ1lw0I8vuE0i" alt=""><figcaption></figcaption></figure>