InfoSec Write-ups

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties and CTFs to vulnhub machines, hardware challenges and real life encounters. Subscribe to our weekly newsletter for the coolest infosec updates: https://weekly.infosecwriteups.com/


Let’s Understand SSRF vulnerability

Security Lit Limited
Published in InfoSec Write-ups
5 min read · Jul 1, 2022


Introduction

OWASP publishes a list of vulnerabilities known as the OWASP Top 10. Its entries are broad categories that encompass the various types of vulnerabilities. The Open Web Application Security Project (OWASP) provides definitions for a great many different aspects, including the many types of vulnerabilities it investigates and the remedies for those flaws. The list is generated based on how frequently a vulnerability is discovered, as well as the severity and the occurrence of the weakness. SSRF is a high-severity vulnerability that is featured in the OWASP Top 10, and it is one of the most frequently detected vulnerabilities.

An SSRF attack typically has a high severity because it allows the attacker to retrieve a great deal of sensitive information from the server, such as the version of the protocol currently in use, and to access files on the server that might contain sensitive information. If credentials are leaked, these files can also be used to take control of the server and use it however the attacker likes. SSRF can be exploited in a number of different ways, but the attacker's primary objective is to circumvent firewall restrictions in order to gain access to internal systems and networks.

What are SSRF (Server-Side Request Forgery) attacks?


If there is no input validation and no whitelist of URLs is maintained, an attacker can coerce a vulnerable server into executing a malicious request against a third-party server or any internal server that is part of the organisation's internal infrastructure. This attack can be carried out when the website's public server makes requests to an internal server to fetch information such as files, stock etc. If an attacker redirects the request through the organisation's internal server, it may bypass the internal server restrictions and can pose a threat to the organisation's sensitive information. Sometimes an attacker has less control or partial control on the…
