Basic SSRF against the local server
Let's click on View details for a product. If we click on Check stock, the application returns the number of units available.

We can now intercept this request in Burp Suite and send it to the Repeater so that we can modify and forward it. We set the stockApi field to the following, so that the server fetches the URL and returns its content to us:

http://localhost/admin

Let's send the request. The application returns the content of /admin.

We can now set the stockApi field to the following:

http://localhost/admin/delete?username=carlos

This causes the application to delete the carlos user on our behalf. We have solved the lab.
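The root cause in this lab is a server-side HTTP client that fetches whatever URL arrives in stockApi, so an attacker can point it at loopback-only services. The following is an added example, not code from the lab or from PortSwigger: a minimal stock-check handler with the lab's behaviour placed beside a hardened version that validates the target against an allowlist before any request is made. The allowlisted host (stock.example-shop.test), the fake_fetch stand-in for the HTTP client, and the stock/admin responses it returns are all constructed for the demonstration.

```python
# Added example (not from the original writeup): a stock-check handler that forwards the
# client-supplied stockApi URL verbatim, beside a hardened version that validates the target.
# The allowlisted host, the fake fetch function and its responses are constructed.
import ipaddress
from urllib.parse import urlsplit

# Constructed allowlist: the only backend the stock check is meant to reach.
ALLOWED_HOSTS = {"stock.example-shop.test"}
ALLOWED_SCHEMES = {"http", "https"}


def fake_fetch(url):
    """Stand-in for the server-side HTTP client. It models an application server where
    the admin interface is reachable only on the loopback interface, as in the lab."""
    parts = urlsplit(url)
    if parts.hostname in ("localhost", "127.0.0.1") and parts.path.startswith("/admin"):
        return 200, "<h1>Admin panel</h1>"  # loopback-only content; must never reach a client
    if parts.hostname in ALLOWED_HOSTS and parts.path.startswith("/product/stock"):
        return 200, "42"
    return 404, "not found"


def vulnerable_check_stock(stock_api, fetch=fake_fetch):
    """The lab's behaviour: trust the URL and return whatever was fetched."""
    status, body = fetch(stock_api)
    return status, body


def validate_stock_api_target(url):
    """Return (allowed, reason). Accepts only plain http(s) URLs to an allowlisted host name."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return False, "unparseable URL"
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, "scheme not allowed"
    if parts.username is not None or parts.password is not None:
        # A userinfo component lets "allowed-host@real-host" masquerade as the allowed host.
        return False, "userinfo in URL"
    host = parts.hostname  # already lower-cased and stripped of IPv6 brackets
    if not host:
        return False, "missing host"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        ip = None
    if ip is not None:
        # Literal addresses are never allowlisted; classify internal ones separately for logging.
        if (ip.is_loopback or ip.is_private or ip.is_link_local
                or ip.is_reserved or ip.is_unspecified):
            return False, "internal address"
        return False, "literal IP not allowed"
    if host.rstrip(".") not in ALLOWED_HOSTS:
        return False, "host not allowlisted"
    return True, "ok"


def hardened_check_stock(stock_api, fetch=fake_fetch):
    """Validate the target before the server-side request is made; refuse anything else."""
    allowed, reason = validate_stock_api_target(stock_api)
    if not allowed:
        # In a real service this rejection is the detection signal: log it and alert on repeats.
        return 400, f"rejected stockApi target: {reason}"
    return fetch(stock_api)


if __name__ == "__main__":
    for target in ("http://stock.example-shop.test/product/stock?productId=1",
                   "http://localhost/admin",
                   "http://stock.example-shop.test@localhost/admin"):
        print(target, "->", vulnerable_check_stock(target), "|", hardened_check_stock(target))
```

The allowlist is keyed on the host name rather than on "not localhost", because deny-lists are bypassed by alternate spellings and encodings of the same address. Two things the example does not do but a real client must: disable redirect following (an allowlisted host that redirects to loopback would otherwise reconnect the attack), and make the connection to the address that was validated, so that DNS cannot answer differently between the check and the request.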