Oct 24, 2023, 12:20 PM
hello! some any hints
|
challenges ProxyAsAService
by h2m0nRe-d0b1e - Tuesday October 24, 2023 at 12:20 PM
|
|
Oct 24, 2023, 05:52 PM
Actually, the challenge is to get a private url through the vuln of the ssrf type, on a running docker it looks like this:
``` /app # curl localhost:1337/debug/environment {"Environment variables":{"FLAG":"HTB{f4k3_fl4g_f0r_t3st1ng}" ``` But trust only local ip, ofcourse XFF don't work/ I think exploitation proxy redirect in this variable `target_url = f'http://{SITE_NAME}{url}'`. And this need tricks.
Oct 24, 2023, 07:23 PM
(This post was last modified: Oct 24, 2023, 07:45 PM by h2m0nRe-d0b1e.)
Oh, I see log got it ?url=@ , but response block this rules RESTRICTED_URLS = ['localhost', '127.', '192.168.', '10.', '172.']
Upd\ get local address some else and done
Oct 29, 2023, 09:11 PM
Any updates, did you manage to do it?
Oct 30, 2023, 11:44 AM
Oct 30, 2023, 06:05 PM
Oct 31, 2023, 12:10 PM
(Oct 30, 2023, 06:05 PM)nighteliteace Wrote:(Oct 30, 2023, 11:44 AM)h2m0nRe-d0b1e Wrote:(Oct 29, 2023, 09:11 PM)nighteliteace Wrote: Any updates, did you manage to do it? check this out: https://github.com/swisskyrepo/PayloadsA...ombination |
|
« Next Oldest | Next Newest »
|
| Possibly Related Threads… | |||||
| Thread | Author | Replies | Views | Last Post | |
| [FREE] CPTS 12 FLAGS | 66 | 1,759 |
59 minutes ago Last Post: vlka |
||
| [FREE] 300+ Writeups PDF HackTheBox/HTB premium retired | 370 | 92,418 |
6 hours ago Last Post: lifolifo007 |
||
| Hack the box Pro Labs, VIP, VIP+ 1 month free Method | 23 | 2,206 |
9 hours ago Last Post: kkkato |
||
| [FREE] HackTheBox Academy - CBBH CDSA CPTS All Modules Flags | 20 | 2,519 |
Yesterday, 11:06 PM Last Post: op334 |
||
|
[FREE] HackTheBox All Cheatsheets | 3 | 412 |
Yesterday, 10:36 PM Last Post: op334 |
|