Server Side Request Forgery

50 Punkte

SSRF

Autor

sambecks, 22 Juni 2018

Stufe

Validierung

441 Herausforderer 1%

Bewertung

70 votes

Bitte loggen Sie sich ein um auf diese Seite zugreifen zu können

Musterlösung

Eine Musterlösung vorschlagen

Ergebnisse der Übungen

Nickname	Übungen	Sprache	date
apges01	Server Side Request Forgery		16. September 2019 zu 07:22
skyfiz	Server Side Request Forgery		6. September 2019 zu 12:15
g0h4n	Server Side Request Forgery		4. September 2019 zu 16:01
Fnby	Server Side Request Forgery		4. September 2019 zu 16:01
twh	Server Side Request Forgery		1. September 2019 zu 10:42
pigpig	Server Side Request Forgery		29. August 2019 zu 15:45
macz	Server Side Request Forgery		23. August 2019 zu 15:07
Chackal	Server Side Request Forgery		20. August 2019 zu 16:39
lutzenfried	Server Side Request Forgery		17. August 2019 zu 23:32
erk3	Server Side Request Forgery		15. August 2019 zu 12:02

60 Übungen

Ergebnis	Name der Übung	Validierung	Anzahl der Punkte	Schwierigkeitsgrad	Autor ↓↑	Bewertung	Musterlösung
	SQL injection - File reading	2% 2448	40		Arod		0
	HTTP - Headers	16% 23390	15		Arod		1
	HTTP - Improper redirect	13% 17844	15		Arod		1
	PHP - Serialization	3% 3570	35		Arod		0
	PHP - assert()	5% 6525	25		Birdy42		1
	PHP - Path Truncation	2% 2840	35		Geluchat		0
	SQL Truncation	3% 3078	35		Geluchat		0
	JSON Web Token (JWT) - Public key	1% 324	30		Jrmbt		0
	JSON Web Token (JWT) - Weak secret	1% 531	25		Jrmbt		0
	JSON Web Token (JWT) - Introduction	1% 813	20		Knowledge		0
	HTTP - Open redirect	17% 23733	10		Swissky		1
	HTTP - POST	10% 14452	15		Th1b4ud		1
	PHP - Eval	1% 1065	40		chmod		0
	Java - Spring Boot	1% 966	40		dvor4x		0
	SQL injection - Authentication - GBK	3% 3833	30		dvor4x		0
	LDAP injection - Authentication	4% 5133	35		g0uZ		1
	SQL injection - String	6% 8525	30		g0uZ		2
	SQL injection - Numeric	5% 6595	35		g0uZ		0
	SQL injection - Authentication	13% 18546	30		g0uZ		2
	Remote File Inclusion	4% 5541	30		g0uZ		2
	XPath injection - String	2% 2042	40		g0uZ		0
	XPath injection - Authentication	3% 3853	35		g0uZ		0
	SQL injection - Blind	3% 3626	50		g0uZ		0
	Local File Inclusion	9% 12889	30		g0uZ		0
	HTML - Source code	48% 70940	5		g0uZ		2
	LDAP injection - Blind	2% 1502	55		g0uZ		0
	CRLF	10% 13777	20		g0uZ		1
	HTTP - User-agent	24% 35400	10		g0uZ		3
	Weak password	35% 50881	10		g0uZ		1
	XPath injection - Blind	1% 993	75		g0uZ		0
	Backup file	18% 25595	15		g0uZ		1
	HTTP - Directory indexing	24% 35089	15		g0uZ		1
	HTTP - Verb tampering	15% 21390	15		g0uZ		1
	Install files	15% 21502	15		g0uZ		1
	File upload - Double extensions	11% 15881	20		g0uZ		1
	File upload - MIME type	9% 12308	20		g0uZ		2
	HTTP - Cookies	14% 19685	20		g0uZ		1
	Directory traversal	12% 16560	25		g0uZ		1
	File upload - Null byte	8% 11535	25		g0uZ		1
	PHP - Filters	7% 10117	25		g0uZ		1
	PHP - register globals	6% 8462	25		g0uZ		1
	XSLT - Code execution	1% 1473	30		ghozt		1
	NoSQL injection - Blind	1% 1310	45		ghozt		0
	PHP - Loose Comparison	2% 2853	30		ghozt		0
	File upload - ZIP	3% 3679	30		ghozt		0
	NoSQL injection - Authentication	3% 3798	35		mastho		0
	Java - Server-side Template Injection	4% 4679	30		righettod		0
	SQL injection - Insert	1% 1347	40		sambecks		0
	Server Side Request Forgery	1% 441	50		sambecks		0
	PHP - preg_replace()	4% 4694	30		sambecks		0
	SQL injection - Error	3% 3131	40		sambecks		0
	Local File Inclusion - Wrappers	1% 1433	40		sambecks		0
	XML External Entity	2% 2288	35		sambecks		0
	Command injection - Filter bypass	2% 2728	30		sambecks		0
	PHP - Command injection	16% 22982	10		sambecks		4
	SQL injection - Filter bypass	1% 968	80		sambecks		0
	SQL Injection - Routed	2% 1827	35		soka		0
	PHP - type juggling	4% 4491	30		vic		0
	SQL injection - Time based	2% 2276	45		ycam		0
	Local File Inclusion - Double encoding	5% 6121	30		zM		1