What functionalities are vulnerable to SSRFs? Case study of 124 bug bounty reports
📧 Subscribe to BBRE Premium: https://bbre.dev/premium
The blogpost with case study methodology: https://bbre.dev/ssrfs
✉️ Sign up for the mailing list: https://bbre.dev/nl
📣 Follow me on twitter: https://bbre.dev/tw
I pulled 361 bug bounty reports from the web to make a case study and see how people are making money with SSRFs. From this video, you can learn what functionalities are most often vulnerable to Server-Side Request Forgery in these disclosed reports and also some of my opinions on which of them will become more popular in coming years.
Mentioned videos:
$12,000 Grafana SSRF in Gitlab: $12,000 Grafana SSRF in Gitlab - Bug ...
$31,337 Google Cloud blind SSRF + HANDS-ON labs: $31,337 Google Cloud blind SSRF + HAN...
How I found the $1,500 SSRF in Stripe bug bounty program: How I found the $1,500 SSRF in Stripe...
An overlooked parameter leads to a critical SSRF in Dropbox bug bounty program: An overlooked parameter leads to a cr...
🖥 Get $100 in credits for Digital Ocean: https://bbre.dev/do
Timestamps:
00:00 Intro
00:54 Import by URL
02:14 File uploads
04:39 Headless browsers / HTML rendering
05:36 Webhooks / checking server status
07:36 Proxying
09:16 Security mechanism / library bug
11:43 File storage integration
13:23 Sentry integration
14:43 Host header
15:10 Email configuration
16:32 First request line
18:07 Get access to the full case study and report database