Nodejs application intentionally vulnerable to SSRF
JavaScript Shell
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
LICENSE
README.md Update README.md Dec 23, 2015
install.sh Minor update to install script Dec 23, 2015
ssrf-demo-app.js Fixed Issue #1. Not sure what changed Sep 26, 2016

README.md

Nodejs-SSRF-App

Nodejs application intentionally vulnerable to SSRF

Operating Systems

Ubuntu 14.04 TLS

Kali 2.0

Download and Setup

seth@ubuntu:/opt# sudo git clone https://github.com/sethsec/Nodejs-SSRF-App.git
seth@ubuntu:/opt# cd Nodejs-SSRF-App/
seth@ubuntu:/opt/Nodejs-SSRF-App# sudo ./install.sh

 To start the server:
  sudo nodejs ssrf-demo-app.js
  sudo nodejs ssrf-demo-app.js -p 8080

seth@ubuntu:/opt/Nodejs-SSRF-App# sudo nodejs ssrf-demo-app.js

##################################################
#
#  Server listening for connections on port:80
#  Connect to server using the following url:
#  -- http://[server]:80/?url=[SSRF URL]
#
##################################################