Table of Contents
Blind SSRF
1: The controlled server URL is used as a payload.
Bad security practices and their bypass in cybersecurity
Blacklist using Regular Expression or Keyword:
Bypass Blacklist:
A. Using encoding:
1: Decimal encoded version of 127.0.0.1 is 2130706433.
2: 127.1 resolves to 127.0.0.1.
3: Octal representation of 127.0.0.1 is 01770000001.
B. DNS Rebinding (Domain with Internal IP).
C. HTTP Redirection (Server that redirects to Internal IP).
D. Exploiting URL Parser.


