Server Side Request Forgery

50 Punkte

SSRF

Autor

sambecks, 22 Juni 2018

Stufe

Validierung

579 Herausforderer 1%

Bewertung

90 votes

Bitte loggen Sie sich ein um auf diese Seite zugreifen zu können

Musterlösung

Eine Musterlösung vorschlagen

Ergebnisse der Übungen

Nickname	Übungen	Sprache	date
Dramelac	Server Side Request Forgery		18. Februar 2020 zu 16:51
Nonow	Server Side Request Forgery		16. Februar 2020 zu 23:42
aelk	Server Side Request Forgery		15. Februar 2020 zu 23:37
chook4a	Server Side Request Forgery		15. Februar 2020 zu 13:11
nnm	Server Side Request Forgery		11. Februar 2020 zu 14:50
RootR	Server Side Request Forgery		10. Februar 2020 zu 15:47
kit50	Server Side Request Forgery		7. Februar 2020 zu 08:58
Mugiwara27	Server Side Request Forgery		7. Februar 2020 zu 04:00
symetryofchaos	Server Side Request Forgery		5. Februar 2020 zu 10:47
Hackdaddy	Server Side Request Forgery		3. Februar 2020 zu 15:27

61 Übungen

Ergebnis	Name	Validierung	Anzahl der Punkte	Schwierigkeitsgrad	Autor ↓↑	Bewertung	Musterlösung
	HTTP - Improper redirect	13% 20664	15		Arod		1
	PHP - Serialization	3% 3902	35		Arod		0
	SQL injection - File reading	2% 2769	40		Arod		0
	HTTP - Headers	16% 26834	15		Arod		1
	PHP - assert()	5% 7488	25		Birdy42		1
	PHP - Path Truncation	2% 3206	35		Geluchat		0
	SQL Truncation	3% 3440	35		Geluchat		0
	JSON Web Token (JWT) - Weak secret	2% 2099	25		Jrmbt		0
	JSON Web Token (JWT) - Public key	1% 995	30		Jrmbt		0
	JSON Web Token (JWT) - Introduction	2% 3153	20		Knowledge		0
	Insecure Code Management	2% 2730	20		Swissky		0
	HTTP - Open redirect	18% 29195	10		Swissky		1
	HTTP - POST	12% 18882	15		Th1b4ud		1
	PHP - Eval	1% 1341	40		chmod		0
	SQL injection - Authentication - GBK	3% 4564	30		dvor4x		0
	Java - Spring Boot	1% 1182	40		dvor4x		0
	SQL injection - String	6% 9738	30		g0uZ		2
	SQL injection - Blind	3% 3998	50		g0uZ		0
	Remote File Inclusion	4% 6171	30		g0uZ		2
	XPath injection - String	2% 2290	40		g0uZ		0
	LDAP injection - Authentication	4% 5658	35		g0uZ		1
	XPath injection - Authentication	3% 4160	35		g0uZ		0
	Local File Inclusion	9% 14374	30		g0uZ		0
	SQL injection - Authentication	13% 21213	30		g0uZ		2
	HTML - Source code	49% 82058	5		g0uZ		2
	LDAP injection - Blind	1% 1687	55		g0uZ		0
	Install files	15% 24056	15		g0uZ		1
	HTTP - User-agent	24% 40840	10		g0uZ		4
	Weak password	34% 57659	10		g0uZ		1
	XPath injection - Blind	1% 1157	75		g0uZ		0
	Backup file	17% 28769	15		g0uZ		1
	HTTP - Directory indexing	24% 39970	15		g0uZ		1
	HTTP - Verb tampering	15% 24058	15		g0uZ		1
	CRLF	10% 15658	20		g0uZ		1
	File upload - Double extensions	11% 17948	20		g0uZ		1
	File upload - MIME type	9% 14042	20		g0uZ		2
	HTTP - Cookies	14% 22538	20		g0uZ		1
	Directory traversal	11% 18576	25		g0uZ		1
	File upload - Null byte	8% 12894	25		g0uZ		1
	PHP - Filters	7% 11246	25		g0uZ		1
	PHP - register globals	6% 9369	25		g0uZ		1
	SQL injection - Numeric	5% 7341	35		g0uZ		0
	NoSQL injection - Blind	1% 1544	45		ghozt		0
	PHP - Loose Comparison	2% 3381	30		ghozt		0
	XSLT - Code execution	2% 1764	30		ghozt		1
	File upload - ZIP	3% 4379	30		ghozt		0
	NoSQL injection - Authentication	3% 4296	35		mastho		0
	Java - Server-side Template Injection	4% 5303	30		righettod		0
	SQL injection - Filter bypass	1% 1162	80		sambecks		0
	PHP - Command injection	17% 28026	10		sambecks		4
	Command injection - Filter bypass	2% 3237	30		sambecks		0
	Server Side Request Forgery	1% 579	50		sambecks		0
	PHP - preg_replace()	4% 5261	30		sambecks		0
	XML External Entity	2% 2613	35		sambecks		0
	SQL injection - Insert	1% 1521	40		sambecks		0
	SQL injection - Error	3% 3578	40		sambecks		0
	Local File Inclusion - Wrappers	1% 1666	40		sambecks		0
	SQL Injection - Routed	2% 2198	35		soka		0
	PHP - type juggling	3% 5037	30		vic		0
	SQL injection - Time based	2% 2607	45		ycam		0
	Local File Inclusion - Double encoding	5% 6860	30		zM		1