Intro to SSRF

Premium room

Learn how to exploit Server-Side Request Forgery (SSRF) vulnerabilities, allowing you to access internal server resources.

easy

30 min


Room Brief

In this room, you'll learn what an SSRF is, what kind of impact it can have, view some example SSRF attacks, see how you can discover SSRF vulnerabilities and how to circumvent input rules, and then we have a practice for you to try your newfound skills.


What is an SSRF?

SSRF stands for Server-Side Request Forgery. It's a vulnerability that allows a malicious user to cause the webserver to make an additional or edited request to the resource of the attacker's choosing.


Types of SSRF

There are two types of SSRF vulnerability; the first is a regular SSRF where data is returned to the attacker's screen. The second is a Blind SSRF vulnerability where an SSRF occurs, but no information is returned to the attacker's screen.

What's the impact?

A successful attack can result in any of the following: 

  • Access to unauthorised areas.
  • Access to customer/organisational data.
  • Ability to Scale to internal networks.
  • Reveal authentication tokens/credentials.

Answer the questions below

What does SSRF stand for?

As opposed to a regular SSRF, what is the other type?
