Build an HTTP Proxy to Abuse SSRF [HackTheBox - Response]

0xdf


In this video, the creator explores how to abuse a proxy fetch API endpoint, using its SSRF to fetch a site. They build a Flask/Python app that acts as a custom proxy, forwarding specific requests to the appropriate location, with Burp used to troubleshoot any issues. The first version is a Python web server that always returns "High" regardless of the path visited. They then debug the code to find the necessary digest, using the `re` library to search for a specific session string, and base64 encode the request body before sending it through the proxy. Finally, they test the proxy and successfully interact with a chat app. Overall, the creator demonstrates the thought process and development process behind building an HTTP proxy to abuse SSRF.

00:00:00

In this section, 0xdf discusses how to abuse a proxy fetch API endpoint that allows users to use an SSRF to fetch a site. To do this, he builds a Python proxy that interacts with the API endpoint, gets the response back, and sends it to Firefox, so Firefox thinks it's interacting with the website directly. He also discusses how the digest is used to prevent others from using the proxy for unauthorized purposes. However, he finds a way to exploit it by using a session ID to create a digest, getting the response back, and confirming that it's possible to test the processions with the same digest.

00:05:00

In this section, the speaker discusses the need to build a proxy to interact with the server-side request forgery (SSRF) vulnerability from a browser. The current method of directly manipulating the digest is too manual and difficult to interact with, prompting the need for a more automated proxy. The plan is to build a Flask/Python application that will act as a custom proxy to forward specific requests to the appropriate location, while using Burp to help troubleshoot any issues that arise. The Flask app will have two app routes on the same function path.

00:10:00

In this section, the speaker discusses writing a web server using Python to act as a proxy. This server will always return "High" no matter what path is visited. With this server in place, the speaker moves on to explain how to make a request to the fetch API and create a body for it. They also talk about the need to create a function to get a digest and import the `request` module for making requests, setting cookies, and proxying HTTP requests through Burp. The speaker states that they will return the response to themselves, but mentions the need to complete the `get_digest()` function before the HTTP proxy will work.

00:15:00

In this section, the speaker discusses the process of building an HTTP proxy to abuse SSRF in HackTheBox. They go through the steps of setting up the proxy and debugging the code to find the necessary digest, using the `re` library to search for a specific session string. They also discuss enabling an upstream proxy server in Burp Suite to forward the request and response messages to the local proxy server. The code is then tested with various requests and responses to ensure it is working properly.

00:20:00

In this section of the video, the speaker successfully proxies data and works on decoding the base64 encoded content in the response. However, the website still shows errors due to incorrect MIME types for CSS and JavaScript files. The speaker demonstrates how to fix this issue by importing a response object from Flask and setting the correct MIME types using a trick that involves getting the file extension from the URL. The video ends with the speaker setting a breakpoint and using the debug console to see if they can figure out how to get the correct file extension.

00:25:00

In this section of the video, the creator discusses building an HTTP proxy to abuse SSRF and goes through some code debugging. They examine the requests and focus on the path in the request, filtering out the parameters. They adjust some code to handle errors and get rid of debugging errors. They also mention a failing POST request and discuss accepting different types of request methods. Finally, they examine the body of the POST request and adjust the code to handle that.

00:30:00

In this section of the video, the creator continues to debug the code and encounters some errors related to incorrect padding and invalid base64 encoding. This leads the creator to believe that they need to base64 encode the request body before sending it through the proxy. With these changes made, the creator is able to successfully test the proxy and even use it to interact with a chat app on the targeted website. Overall, the creator demonstrates the thought process and development process behind creating an HTTP proxy to abuse SSRF.
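An added example (not code from the video or from 0xdf) of the two response-handling fixes described in the 00:20:00 to 00:30:00 sections: choosing a MIME type from the URL path with the parameters filtered out, and decoding base64 that arrives without its padding. The function names, the extension table, the `text/html` fallback and the sample paths are assumptions made for illustration.

```python
import base64
import binascii
import posixpath
from urllib.parse import urlsplit

# Assumed table of the asset types a browser refuses to load with a wrong type.
MIME_BY_EXT = {
    ".css": "text/css",
    ".js": "text/javascript",
    ".json": "application/json",
    ".png": "image/png",
    ".svg": "image/svg+xml",
}
DEFAULT_MIME = "text/html"  # assumption: extensionless paths are pages


def content_type_for(url: str) -> str:
    """Choose a MIME type from the URL path only.

    urlsplit() drops the ?query and #fragment first, so a cache-busting
    parameter such as ?ver=1.2 cannot be mistaken for a ".2" extension.
    """
    path = urlsplit(url).path
    ext = posixpath.splitext(path)[1].lower()
    return MIME_BY_EXT.get(ext, DEFAULT_MIME)


def decode_b64_body(data: str) -> bytes:
    """Decode a base64 body, restoring any missing '=' padding.

    Raises ValueError when the text is still not valid base64, which is the
    "incorrect padding" / "invalid base64" class of error the summary mentions.
    """
    cleaned = "".join(data.split())        # remove whitespace and newlines
    cleaned += "=" * (-len(cleaned) % 4)   # pad to a multiple of four
    try:
        return base64.b64decode(cleaned, validate=True)
    except binascii.Error as exc:
        raise ValueError(f"not valid base64: {exc}") from exc


if __name__ == "__main__":
    # Constructed sample inputs, not values from the video.
    for sample in ("/css/site.css?ver=1.2", "/static/app.js?v=3#top", "/"):
        print(sample, "->", content_type_for(sample))
    print(decode_b64_body("aGVsbG8"))
```

In a Flask handler the chosen type can be passed as the `mimetype` argument of `Response`.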
