Secure Code Warrior Server-Side Request Forgery


I am currently doing a problem on Secure Code Warrior's Java basic package, and the topic is server-side request forgery. The task is to try to access the "/vault" API through a parameter url. One of the files requires that the IP address starts with 127.0 or ::1, which I'm pretty sure means that we just have to access this /vault API from within the local system. However, I have been unsuccessful in trying to access /vault through changing the url parameter in the question.


Solution

  • I've just done it, and here is how. You should input everything beginning from statements

    https://..../statements/13?url=http://127.0.0.1:5000/vault