Skip to content
master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 

ssrf-patch

As a challange i tried to make a patch for every variant of internal server side request forgery.

The ssrf.php version is based on fopen and ssrf-with-curl.php is based on curl_init().

it's protected again's:

every internal ip in url. ( as well octal/hexdeminal/binery encoded )

location header redirect to internal ip's.

internal ip returned using dns.

2 ip's on one domain using dns.

About

this code prevents internal ssrf.

Resources

License

Releases

No releases published

Packages

No packages published

Languages