profile_image
SSRF With DNS Rebinding
Time2 Hours
LevelHard
start lab

What is Server-Side Request Forgery Attack?

Server-side request forgery (also known as SSRF) is a web security vulnerability that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker's choosing. In a typical SSRF attack, the attacker might cause the server to make a connection to internal-only services within the organization's infrastructure. In other cases, they may be able to force the server to connect to arbitrary external systems, potentially leaking sensitive data such as authorization credentials. In simple words, Server-Side Request Forgery (SSRF) refers to an attack, wherein an attacker can send a crafted request from a vulnerable web application. SSRF is mainly used to target internal systems behind WAF (web application firewall), that are unreachable to an attacker from the external network. Additionally, it’s also possible for an attacker to mark SSRF, for accessing services from the same server that is listening on the loopback interface address called (127.0.0.1).

Severity

The severity of SSRF varies and depends on case to case basis.

Exploiting SSRF

1

Identify the URLS and entry point.

2

Copy the payload and replace it with the value of the parameter you have taken.

3

Monitor the Logs.