Forum Discussion

Akshay's avatar
Akshay
Icon for Bronze II rankBronze II
4 months ago

Server-Side Request Forgery

I need help with step 5 and 6 of Server-Side Request Forgery lab. I was able to find the location of potential SSRF i.e "lookup?url=http://localhost:3000/online" after that I have tried directory tra...
application security
offensive cyber
  • NyePrior's avatar
    NyePrior
    3 months ago

    If you take a look at the 'In this lab' section of the briefing panel, it'll give you the URL you need to access:

    To test the application, they've added a remote debug service to the server, the configuration of which can be found in the root directory (http://localhost:3000/[bot-name]/config) 

    So, you'll need to identify the bot's name before you'll have the specific URL to try and access. You can find that information on the homepage of the application 🙂

NyePrior's avatar
NyePrior
Icon for Immerser rankImmerser

Hey Akshay - there is a very rudimentary text-based filter in place on the application, and as a small hint, I'll let you know that this filter is case-sensitive. Let me know if that helps at all 🙂

  • NyePrior's avatar
    NyePrior
    Icon for Immerser rankImmerser
    3 months ago

    If you take a look at the 'In this lab' section of the briefing panel, it'll give you the URL you need to access:

    To test the application, they've added a remote debug service to the server, the configuration of which can be found in the root directory (http://localhost:3000/[bot-name]/config) 

    So, you'll need to identify the bot's name before you'll have the specific URL to try and access. You can find that information on the homepage of the application 🙂