Basic SSRF against the local server

https://portswigger.net/web-security/ssrf/lab-basic-ssrf-against-localhost

Let's click on View details.

If we click on Check stock, the application returns us the available units.

We can now intercept this request in Burp Suite.

Let's send it to the Repeater so that we can modify and forward the request.

We can set the stockApi parameter to the following, so that the server fetches this URL itself and returns the content to us:

http://localhost/admin

Let's send the request.

The application returned the content of /admin.

We can now set the stockApi parameter to the following:

http://localhost/admin/delete?username=carlos

This will cause the application to delete the carlos user on our behalf.

We have solved the lab.
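The lab is solvable because the server fetches whatever URL arrives in stockApi, so a value pointing at localhost reaches the internal admin interface. The following is an added example, not part of this writeup or of the PortSwigger lab, showing the difference between a weak "looks like a URL" check and an allowlist-based validator that a defender would put in front of such a server-side fetch. The hostname stock.example.net, the allowed ports and the STUB_DNS table are assumptions constructed so the example runs offline; it also goes one step beyond the lab by rejecting an allowlisted name that resolves to a loopback or private address.

```python
import ipaddress
from urllib.parse import urlparse

# Constructed allowlist: the only hosts the stock-check feature may contact.
# A real deployment would list its actual stock-API hostnames here (assumed name).
ALLOWED_HOSTS = {"stock.example.net"}

# Ports the allowed hosts may be reached on (assumed values).
ALLOWED_PORTS = {80, 443, 8080}

# Constructed stand-in for DNS resolution so the example runs offline.
# In production, resolve with socket.getaddrinfo and check every returned address.
STUB_DNS = {
    "stock.example.net": ["8.8.8.8"],   # stand-in for any public address
    "localhost": ["127.0.0.1"],
}


def naive_check(url: str) -> bool:
    """The weak check: only requires the value to look like an http(s) URL.
    This is exactly what lets http://localhost/admin through."""
    return url.startswith("http://") or url.startswith("https://")


def is_public_address(ip: str) -> bool:
    """True only for addresses outside loopback, private, link-local and
    other special-purpose ranges (so 127.0.0.1 and 169.254.x.x are rejected)."""
    addr = ipaddress.ip_address(ip)
    return not (addr.is_loopback or addr.is_private or addr.is_link_local
                or addr.is_reserved or addr.is_multicast or addr.is_unspecified)


def hardened_check(url: str, dns=STUB_DNS) -> tuple[bool, str]:
    """Allowlist-based validation for a server-side fetch target.
    Returns (allowed, reason); the caller must not fetch unless allowed is True."""
    try:
        parsed = urlparse(url)
        port = parsed.port  # raises ValueError on a malformed port
    except ValueError:
        return False, "unparseable URL"
    if parsed.scheme not in ("http", "https"):
        return False, f"scheme not allowed: {parsed.scheme!r}"
    if parsed.username or parsed.password:
        # user@host tricks (e.g. http://allowed-host@localhost/) are refused outright
        return False, "credentials in URL"
    host = parsed.hostname
    if host is None:
        return False, "missing host"
    if host not in ALLOWED_HOSTS:
        return False, f"host not in allowlist: {host!r}"
    if port is None:
        port = 443 if parsed.scheme == "https" else 80
    if port not in ALLOWED_PORTS:
        return False, f"port not allowed: {port}"
    addrs = dns.get(host, [])
    if not addrs:
        return False, "host did not resolve"
    for ip in addrs:
        if not is_public_address(ip):
            # Catches an allowlisted name that points back into the internal network
            return False, f"{host!r} resolves to non-public address {ip}"
    return True, "ok"


if __name__ == "__main__":
    # The two payloads from the walkthrough plus a legitimate stock-check URL
    samples = [
        "http://localhost/admin",
        "http://localhost/admin/delete?username=carlos",
        "http://stock.example.net/product/stock/check?productId=1&storeId=1",
    ]
    for s in samples:
        print(f"{s}\n  naive={naive_check(s)}  hardened={hardened_check(s)}")
```

The key design point is that the check operates on the parsed hostname and its resolved addresses, not on the raw string: substring filters for "localhost" or "127.0.0.1" are easy to bypass with alternative encodings, whereas an allowlist of expected hosts plus a resolved-address check rejects everything the feature was never meant to reach.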
