It’s just the Blind SSRF Exploitation Example section of Server Side Attacks. (My post asking for help is here.) I’m just trying to duplicate the commands that are in the section. As best I can tell, all I should really have to do is change the IP address to match my own.
I can’t complete the part where I send an HTML file that should trigger a GET request to my machine with the contents of /etc/passwd (base64 encoded). I never get the GET request back to me, and my POST of the HTML file never completes (no response from the server).
And I get similar results on the next part of that section which is uploading a reverse shell. When I send the example code, updated with my IP address, I get no connection to my netcat listener, and my POST of the exploit code never gives a response.
The reverse shell is particularly interesting because I know my injected command is running, and I know my encoding is correct. Because if I send a command like echo "Hello, world!"; sleep 10;, the POST takes 10 seconds to complete. So it’s clearly correctly decoding and executing my shell command. But I’ve tried 10+ different reverse shells, including the one from the example, and nothing ever hits my netcat listener.
Everything I’ve tried suggests the target machine either can’t route back to me, or has some sort of firewall in place. Keep in mind this isn’t a skill assessment. It’s just duplicating what was done in the section. The commands / exploit code listed in the section should be working for me unchanged (except for the IP address), but it’s not.