all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Hex Marks the Spot: Bypassing SSRF Protection

Add to bookmarks
Sept. 27, 2023, 10:36 a.m. | Josh Beck

System Weakness - Medium systemweakness.com

iCSI@NEISD Cybersecurity Classroom

Dear Cybersecurity Educators and Penetration Testing Enthusiasts:

This short CTF activity is designed to illuminate the concept of Server Side Request Forgery (SSRF). In this lab, participants will encounter a web form with a unique twist on IPv4 addressing. While some paths may seem blocked, remember that there’s more than one way to represent an IP address.

Approximate Time to Completion: 5–10 minutes

Key Security+ Exam Concepts: SSRF and the versatile representation of IPv4 …

blocked bypassing concept ctf ctf-writeup cybersecurity forgery hex icsi ipv4 lab may penetration penetration testing protection request server server side ssrf testing web

Visit resource

More from systemweakness.com / System Weakness - Medium

Clocky | TryHackMe Write-up 6 hours ago | systemweakness.com
ctf ctf-writeup tryhackme tryhackme-walkthrough +1
Bypassing Aquatone’s lack of ability to take screenshots of private websites 6 hours ago | systemweakness.com
automation cybersecurity hacking pentesting +1
Tuesday Morning Threat Report: Apr 30, 2024 6 hours ago | systemweakness.com
analysis artificial intelligence bad customers +21
Staying Anonymous — Ethical Hacking as a Beginner [09] 6 hours ago | systemweakness.com
anonymous beginner communication cybersecurity +22
Safeguarding the Virtual Frontier 6 hours ago | systemweakness.com
awareness click collaboration critical +24
The Ultimate Guide to CISSP’s Eight Security Territories 6 hours ago | systemweakness.com
bug bounty cybersecurity information security information technology +1
Keep your API keys safe (OpenAI, Together AI, etc.) 6 hours ago | systemweakness.com
cybersecurity data science encryption generative-ai-tools +1
Unveiling the World of Wireless Access: A Comprehensive Exploration 6 hours ago | systemweakness.com
access continue cybersecurity devices +13
Crack the Code: A Hacker’s Guide to Hack Home Wi-Fi Network 6 hours ago | systemweakness.com
cybersecurity hacking penetration testing technology +1

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Azure DevSecOps Cloud Engineer II

@ Prudent Technology | McLean, VA, USA
View on infosec-jobs.com

Security Engineer III - Python, AWS

@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
View on infosec-jobs.com

SOC Analyst (Threat Hunter)

@ NCS | Singapore, Singapore
View on infosec-jobs.com

Managed Services Information Security Manager

@ NTT DATA | Sydney, Australia
View on infosec-jobs.com

Senior Security Engineer (Remote)

@ Mattermost | United Kingdom
View on infosec-jobs.com

Penetration Tester (Part Time & Remote)

@ TestPros | United States - Remote
View on infosec-jobs.com
View more jobs