This repository was archived by the owner on Jan 5, 2023. It is now read-only.
Server-side request forgery vulnerability (SSRF) #60
Closed
Description
Describe the bug
Server-side request forgery vulnerability (SSRF)
To Reproduce
Steps to reproduce the behavior:
1. Go to 'acp/acp.php?tn=pages&sub=index'
2. Enter the intranet address in the box to request
3. Can make a request to the intranet
request packet
Locate the vulnerable code /acp/core/pages.index.php
The start_index parameter calls the function fc_crawler
Tracing the fc_crawler function
Locate the vulnerable code /acp/core/functions_index.php
Continue to track the fc_loadSourceCode function
dict protocol for request
dict://ip:port
Use gopher protocol for request
gopher://192.168.172.114:9333/aaaaa

Led to the SSRF vulnerability
Desktop (please complete the following information):
- OS: MacOS
- Browser: all
- Version: last version
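
One way to close the fetch path this report describes, as an added example that is not part of the original report or of the project's code: allow only http/https, reject hosts that resolve to private or reserved addresses, and pin the connection to the checked IP. The function names `safe_crawl_target` and `fetch_validated` are hypothetical, and the use of PHP's curl extension is an assumption, since the report does not show how `fc_loadSourceCode` performs the request.

```php
<?php
// Added example; safe_crawl_target() and fetch_validated() are hypothetical names.
// Returns host/port/ip for an allowed URL, or null when the URL must be rejected.
function safe_crawl_target(string $url): ?array
{
    $p = parse_url($url);
    if (!is_array($p) || empty($p['scheme']) || empty($p['host'])) return null;
    $scheme = strtolower($p['scheme']);
    if (!in_array($scheme, ['http', 'https'], true)) {
        return null; // dict://, gopher://, file:// and the like stop here
    }
    $host = trim($p['host'], '[]'); // parse_url keeps brackets on IPv6 literals
    // Literal IPs are checked directly; names are resolved to their IPv4 records.
    $ips = filter_var($host, FILTER_VALIDATE_IP) ? [$host] : gethostbynamel($host);
    if (empty($ips)) return null;
    $public = FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE;
    foreach ($ips as $ip) {
        if (filter_var($ip, FILTER_VALIDATE_IP, $public) === false) {
            return null; // private, loopback, link-local or reserved address
        }
    }
    $port = $p['port'] ?? ($scheme === 'https' ? 443 : 80);
    return ['host' => $host, 'port' => $port, 'ip' => $ips[0]];
}

// Fetches the URL only after validation; assumes the curl extension is loaded.
function fetch_validated(string $url): ?string
{
    $t = safe_crawl_target($url);
    if ($t === null) return null;
    // Pin names to the IP that was checked, so a second DNS answer cannot differ.
    $pin = $t['host'] === $t['ip'] ? [] : ["{$t['host']}:{$t['port']}:{$t['ip']}"];
    $ch = curl_init($url);
    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_PROTOCOLS      => CURLPROTO_HTTP | CURLPROTO_HTTPS,
        CURLOPT_FOLLOWLOCATION => false, // a redirect could point back inside
        CURLOPT_RESOLVE        => $pin,
        CURLOPT_TIMEOUT        => 5,
    ]);
    $body = curl_exec($ch);
    return $body === false ? null : $body;
}

// Constructed inputs, plus the gopher URL quoted in the report.
foreach (['gopher://192.168.172.114:9333/aaaaa', 'dict://10.0.0.5:1234/',
          'http://192.168.172.114/', 'http://127.0.0.1/'] as $u) {
    echo $u, ' => ', safe_crawl_target($u) === null ? 'rejected' : 'allowed', PHP_EOL;
}
```

`gethostbynamel()` returns only IPv4 records, so a name that resolves only over IPv6 is rejected by this code.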