XXRF Shots – Tool to Test SSRF Vulnerabilities


What is an SSRF vulnerability?

Server Side Request Forgery (SSRF) is a class of vulnerability where an attacker sends crafted requests from a vulnerable web application, including unauthorised access to internal resources behind the firewall that are inaccessible directly from the external network.


Installation

git clone https://github.com/ariya/phantomjs.git
cd phantomjs
chmod +x build.py
./build.py

Usage

./xxrf.sh

Enter the URL with the vulnerable parameter and hit the return key. The script is designed to perform two different tasks. First, it injects the payload next to the vulnerable parameter and passes the request to another Python script written by @maaaaz. The Python script requires PhantomJS to perform the screenshot function. It takes the list of injected payloads, screenshots them, and places them in a screenshot directory.

Example:

https://www.example.com/index.php?url=


MoreTip.com
