Search for a command to run...
Articles tagged with #ssrf
Introduction In 1899, Elbert Hubbard wrote a short essay that would outlive him by over a century. It told the story of Lt. Andrew Rowan, a soldier given one mission: deliver a message to General Garc
Introduction: Web app with hidden internal pages. The challenge mentions an SSRF vulnerability. Goal: Access restricted admin functionality. What You Did: Login with default creds (admin/admin) Found export2pdf.php endpoint that accepts URLs Explo...
TopTierConversions LTD released MD2PDF, a tool designed to convert Markdown documents into PDF quickly and securely—or so they claimed. As part of this challenge, we were tasked with testing the service for weaknesses. At first glance, it seemed simp...
This article will cover the Intro to SSRF write-up under the Web Fundamentals on THM. What is an SSRF? What is an SSRF? SSRF stands for Server-Side Request Forgery. It's a vulnerability that allows a malicious user to cause the webserver to make an a...
