Oct 24, 2023, 12:20 PM
hello! some any hints
|
challenges ProxyAsAService
by h2m0nRe-d0b1e - Tuesday October 24, 2023 at 12:20 PM
|
|
Oct 24, 2023, 05:52 PM
Actually, the challenge is to get a private url through the vuln of the ssrf type, on a running docker it looks like this:
``` /app # curl localhost:1337/debug/environment {"Environment variables":{"FLAG":"HTB{f4k3_fl4g_f0r_t3st1ng}" ``` But trust only local ip, ofcourse XFF don't work/ I think exploitation proxy redirect in this variable `target_url = f'http://{SITE_NAME}{url}'`. And this need tricks.
Oct 24, 2023, 07:23 PM
(This post was last modified: Oct 24, 2023, 07:45 PM by h2m0nRe-d0b1e.)
Oh, I see log got it ?url=@ , but response block this rules RESTRICTED_URLS = ['localhost', '127.', '192.168.', '10.', '172.']
Upd\ get local address some else and done
Oct 29, 2023, 09:11 PM
Any updates, did you manage to do it?
Oct 30, 2023, 11:44 AM
Oct 30, 2023, 06:05 PM
Oct 31, 2023, 12:10 PM
(Oct 30, 2023, 06:05 PM)nighteliteace Wrote:(Oct 30, 2023, 11:44 AM)h2m0nRe-d0b1e Wrote:(Oct 29, 2023, 09:11 PM)nighteliteace Wrote: Any updates, did you manage to do it? check this out: https://github.com/swisskyrepo/PayloadsA...ombination |
|
« Next Oldest | Next Newest »
|
| Possibly Related Threads… | |||||
| Thread | Author | Replies | Views | Last Post | |
|
[FREE] HackTheBox All Cheatsheets | 15 | 792 |
49 minutes ago Last Post: 0x5k1z0 |
|
| CPTS-FLAG | 14 | 5,718 |
1 hour ago Last Post: Sukon |
||
| [FREE] CPTS 12 FLAGS | 78 | 2,594 |
1 hour ago Last Post: hitlerssecretsidechick |
||
| [MEGALEAK] HackTheBox ProLabs, Fortress, Endgame - Alchemy, 250 Flags, leak htb-bot | 91 | 8,272 |
1 hour ago Last Post: hitlerssecretsidechick |
||
| [FREE] 300+ Writeups PDF HackTheBox/HTB premium retired | 381 | 94,467 |
4 hours ago Last Post: xixi75 |
||