Lab: Basic SSRF against another back-end system

decode it

send it to intruder

or we can use ffuf

ffuf -request req.txt -request-proto https -w number0-254.txt:FUZZ -fc 500

or we can use the turbo intruder

we can see the 124 here

view the page

PreviousLab: Basic SSRF against the local serverNextLab: Blind SSRF with out-of-band detection

Last updated