SSRF

What does SSRF stand for?

Server-Side Request Forgery

As opposed to a regular SSRF, what is the other type?

Blind

What is the flag from the SSRF Examples site?

THM{SSRF_MASTER}

What website can be used to catch HTTP requests from a server?

requestbin.com

What method can be used to bypass strict rules?

Open Redirect

What IP address may contain sensitive data in a cloud environment?

169.254.169.254

What type of list is used to permit only certain input?

Allow List

What type of list is used to stop certain input?

Deny List

What is the flag from the /private directory?

THM{YOU_WORKED_OUT_THE_SSRF}

Page updated

Google Sites

Report abuse