10.5 Lab: Blind SSRF with out-of-band detection | 2024
Karthikeyan Nagaraj
Description
This site uses analytics software which fetches the URL specified in the Referer header when a product page is loaded.
To solve the lab, use this functionality to cause an HTTP request to the public Burp Collaborator server.
Solution
- Click a product, capture the request, and send it to Repeater.
- Remove the Referer value and type http://
- Right-click, click Insert Collaborator Link, and send the request.
- Go to the Collaborator tab and click Poll Now to solve the lab.
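The lab works because the server fetches whatever URL arrives in the Referer header. The following is an added example, not part of the original write-up or the lab's code: one way a defender could gate that fetch in Python. The allowlisted host name, the function names and the injectable resolver are assumptions made for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Assumption: the only origin the analytics job ever needs to fetch.
ALLOWED_HOSTS = {"shop.example.com"}


def resolve(host):
    """Return every IP address the host name currently resolves to."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def referer_fetch_allowed(referer, resolver=resolve):
    """Return (allowed, reason) for a URL taken from a Referer header.

    The resolver is injectable so the check can be exercised offline.
    """
    try:
        parts = urlsplit(referer)
        host, _ = parts.hostname, parts.port  # .port raises on a bad port
    except ValueError:
        return False, "unparseable URL"
    if parts.scheme not in ("http", "https"):
        return False, "scheme not allowed"
    if parts.username or parts.password:
        return False, "credentials in URL"
    if host is None or host.rstrip(".") not in ALLOWED_HOSTS:
        return False, "host not on allowlist"
    try:
        addresses = resolver(host)
        # Loopback, RFC 1918, link-local and reserved ranges are not global.
        public = [ipaddress.ip_address(a).is_global for a in addresses]
    except (OSError, ValueError):
        return False, "resolution failed"
    if not public:
        return False, "resolution failed"
    if not all(public):
        return False, "resolves to non-public address"
    return True, "ok"


if __name__ == "__main__":
    # Constructed Referer values; the fake resolver stands in for DNS.
    fake_dns = lambda host: {"93.184.216.34"}
    for ref in ("https://shop.example.com/product?productId=1",
                "http://collab.example.net/"):
        print(ref, referer_fetch_allowed(ref, fake_dns))
```

The fetch itself should connect to the address that passed this check and should not follow redirects, otherwise the decision can be invalidated between resolution and connection.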
Thank you for Reading!
Happy Ethical Hacking ~
Author: Karthikeyan Nagaraj ~ Cyberw1ng
