Oct 24, 2023, 12:20 PM
hello! some any hints
|
challenges ProxyAsAService
by h2m0nRe-d0b1e - Tuesday October 24, 2023 at 12:20 PM
|
|
Oct 24, 2023, 05:52 PM
Actually, the challenge is to get a private url through the vuln of the ssrf type, on a running docker it looks like this:
``` /app # curl localhost:1337/debug/environment {"Environment variables":{"FLAG":"HTB{f4k3_fl4g_f0r_t3st1ng}" ``` But trust only local ip, ofcourse XFF don't work/ I think exploitation proxy redirect in this variable `target_url = f'http://{SITE_NAME}{url}'`. And this need tricks.
Oct 24, 2023, 07:23 PM
(This post was last modified: Oct 24, 2023, 07:45 PM by h2m0nRe-d0b1e.)
Oh, I see log got it ?url=@ , but response block this rules RESTRICTED_URLS = ['localhost', '127.', '192.168.', '10.', '172.']
Upd\ get local address some else and done
Oct 29, 2023, 09:11 PM
Any updates, did you manage to do it?
Oct 30, 2023, 11:44 AM
Oct 30, 2023, 06:05 PM
Oct 31, 2023, 12:10 PM
(Oct 30, 2023, 06:05 PM)nighteliteace Wrote:(Oct 30, 2023, 11:44 AM)h2m0nRe-d0b1e Wrote:(Oct 29, 2023, 09:11 PM)nighteliteace Wrote: Any updates, did you manage to do it? check this out: https://github.com/swisskyrepo/PayloadsA...ombination |
|
« Next Oldest | Next Newest »
|
| Possibly Related Threads… | |||||
| Thread | Author | Replies | Views | Last Post | |
| Hack the box Pro Labs, VIP, VIP+ 1 month free Method | 23 | 2,167 |
1 hour ago Last Post: kkkato |
||
| [FREE] HackTheBox Academy - CBBH CDSA CPTS All Modules Flags | 20 | 2,491 |
Yesterday, 11:06 PM Last Post: op334 |
||
|
[FREE] HackTheBox All Cheatsheets | 3 | 396 |
Yesterday, 10:36 PM Last Post: op334 |
|
| [FREE] 300+ Writeups PDF HackTheBox/HTB premium retired | 369 | 92,002 |
Yesterday, 04:10 PM Last Post: sabbyahmed |
||
| CBBH Write Ups | 22 | 6,226 |
Yesterday, 06:39 AM Last Post: Usercomplex |
||