Server Side Request Forgery

50 Points  

SSRF

Author

sambecks,  

Level  Difficulty

Validations

191 Challengers 1%

Note  Notation

1
2
3
4
5
32 Votes
To reach this part of the site please login

Solution 3 Solutions

Display solutions Submit a solution

Challenge Results Challenge Results

Pseudo Challenge Lang date
Mimah   Server Side Request Forgery fr 18 November 2018 at 15:22
pinponpin1349   Server Side Request Forgery en 17 November 2018 at 10:59
fssc0w   Server Side Request Forgery fr 16 November 2018 at 21:03
echirolle38   Server Side Request Forgery fr 16 November 2018 at 20:50
mad97x   Server Side Request Forgery fr 14 November 2018 at 18:56
maskott   Server Side Request Forgery fr 13 November 2018 at 19:27
Redouane   Server Side Request Forgery fr 13 November 2018 at 17:09
oliviermi   Server Side Request Forgery fr 10 November 2018 at 10:54
owodelta   Server Side Request Forgery en 8 November 2018 at 21:08
Slot   Server Side Request Forgery fr 8 November 2018 at 20:55

Challenges associated with this section 57 Challenges

Results Challenge's Name Validations Number of points  Explanation for the scores Difficulty  Difficulty Author Note  Notation Solution
pas_valide HTML 50% 51111 5 <<[fr];?php phpinfo();[en]test 2
pas_valide HTTP - Open redirect 14% 14329 10 Swissky 10
pas_valide Command injection 14% 13577 10 sambecks 9
pas_valide Weak password 38% 39162 10 <<[fr];?php phpinfo();[en]test 5
pas_valide User-agent 26% 26437 10 <<[fr];?php phpinfo();[en]test 10
pas_valide Backup file 20% 19917 15 <<[fr];?php phpinfo();[en]test 6
pas_valide HTTP - POST 6% 5196 15 Th1b4ud 9
pas_valide HTTP directory indexing 26% 26763 15 <<[fr];?php phpinfo();[en]test 4
pas_valide HTTP Headers 17% 17518 15 Arod 8
pas_valide HTTP verb tampering 16% 16322 15 <<[fr];?php phpinfo();[en]test 10
pas_valide Install files 17% 16781 15 <<[fr];?php phpinfo();[en]test 2
pas_valide Improper redirect 13% 13171 15 Arod 9
pas_valide CRLF 11% 10344 20 <<[fr];?php phpinfo();[en]test 6
pas_valide File upload - double extensions 12% 12246 20 <<[fr];?php phpinfo();[en]test 8
pas_valide File upload - MIME type 10% 9367 20 <<[fr];?php phpinfo();[en]test 7
pas_valide HTTP cookies 15% 15007 20 <<[fr];?php phpinfo();[en]test 5
pas_valide Directory traversal 13% 12683 25 <<[fr];?php phpinfo();[en]test 2
pas_valide File upload - null byte 9% 8797 25 <<[fr];?php phpinfo();[en]test 4
pas_valide PHP assert() 5% 4547 25 Birdy42 8
pas_valide PHP filters 8% 7895 25 <<[fr];?php phpinfo();[en]test 3
pas_valide PHP register globals 7% 6554 25 <<[fr];?php phpinfo();[en]test 1
pas_valide File upload - ZIP 3% 2156 30 ghozt 3
pas_valide Command injection - Filter bypass 2% 1671 30 sambecks 6
pas_valide Local File Inclusion 10% 10101 30 <<[fr];?php phpinfo();[en]test 3
pas_valide Local File Inclusion - Double encoding 5% 4642 30 zM 3
pas_valide PHP - Loose Comparison 2% 1649 30 ghozt 4
pas_valide PHP preg_replace() 4% 3641 30 sambecks 4
pas_valide PHP type juggling 4% 3414 30 vic511 4
pas_valide Remote File Inclusion 5% 4427 30 <<[fr];?php phpinfo();[en]test 8
pas_valide Server-side Template Injection 4% 3612 30 righettod 3
pas_valide SQL injection - authentication 14% 14300 30 <<[fr];?php phpinfo();[en]test 11
pas_valide SQL injection - authentication - GBK 3% 2673 30 dvor4x 3
pas_valide SQL injection - string 7% 6643 30 <<[fr];?php phpinfo();[en]test 8
pas_valide XSLT - Code execution 1% 919 30 ghozt 5
pas_valide LDAP injection - authentication 5% 4145 35 <<[fr];?php phpinfo();[en]test 8
pas_valide NoSQL injection - authentication 3% 2942 35 mastho 7
pas_valide Path Truncation 3% 2121 35 Geluchat 3
pas_valide PHP Serialization 3% 2856 35 Arod 2
pas_valide SQL injection - numeric 6% 5312 35 <<[fr];?php phpinfo();[en]test 6
pas_valide SQL Injection - Routed 2% 1228 35 soka 5
pas_valide SQL Truncation 3% 2377 35 Geluchat 2
pas_valide XML External Entity 2% 1647 35 sambecks 1
pas_valide XPath injection - authentication 3% 3085 35 <<[fr];?php phpinfo();[en]test 4
pas_valide Java - Spring Boot 1% 642 40 dvor4x 2
pas_valide Local File Inclusion - Wrappers 1% 1021 40 sambecks 2
pas_valide PHP - Eval 1% 210 40 chmod 3
pas_valide SQL injection - Error 3% 2427 40 sambecks 4
pas_valide SQL injection - Insert 1% 993 40 sambecks 2
pas_valide SQL injection - file reading 2% 1941 40 Arod 2
pas_valide XPath injection - string 2% 1663 40 <<[fr];?php phpinfo();[en]test 4
pas_valide NoSQL injection - blind 1% 945 45 ghozt 3
pas_valide SQL injection - Time based 2% 1767 45 ycam 2
pas_valide Server Side Request Forgery 1% 191 50 sambecks 3
pas_valide SQL injection - blind 3% 3076 50 <<[fr];?php phpinfo();[en]test 4
pas_valide LDAP injection - blind 2% 1196 55 <<[fr];?php phpinfo();[en]test 1
pas_valide XPath injection - blind 1% 763 75 <<[fr];?php phpinfo();[en]test 3
pas_valide SQL injection - filter bypass 1% 702 80 sambecks 5