CTF Support

Server-Side Request Forgery (SSRF)

Introduction

SSRF allows an attacker to force a vulnerable server to perform HTTP requests to internal resources or remote endpoints. This can bypass firewalls, access metadata, or exfiltrate secrets.

Resources

Resource             Description
PayloadAllTheThings  Comprehensive SSRF payloads, tools and techniques
HackTricks           In-depth SSRF exploitation methods

Example (Python)

import requests

def fetch_url(url):
    # No validation of scheme or host: whatever the user supplies is fetched
    # with the server's own network position, so internal addresses that the
    # firewall hides from the outside are reachable through this function.
    response = requests.get(url)
    return response.text

url = input('Enter a URL: ')
print(fetch_url(url))

Exploit input:

http://localhost/admin

The server requests the internal admin page and returns it to the attacker.
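A hardened counterpart to fetch_url(), added here as an example and not part of the original page: it rejects non-HTTP schemes, resolves the hostname and refuses loopback, private and link-local addresses (which covers the 169.254.169.254 metadata endpoint), and disables redirects so a 302 cannot bounce the request inward. The names validate_target, is_internal_address, resolve_host and fetch_url_safely are chosen for this example; the resolver is injectable so the check can be tested without DNS.

```python
import ipaddress
import socket
from urllib.parse import urlparse

ALLOWED_SCHEMES = {"http", "https"}


def resolve_host(hostname):
    """Resolve a hostname to all of its IPv4/IPv6 addresses (real lookup)."""
    return {info[4][0] for info in socket.getaddrinfo(hostname, None)}


def is_internal_address(ip_str):
    """True for loopback, RFC 1918/ULA, link-local (including the
    169.254.169.254 cloud metadata address), unspecified, multicast
    and reserved addresses."""
    ip = ipaddress.ip_address(ip_str)
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_reserved or ip.is_multicast or ip.is_unspecified)


def validate_target(url, resolver=resolve_host):
    """Return (ok, reason). Rejects non-HTTP schemes, missing hosts,
    and any hostname that resolves to an internal address. Every
    address the name resolves to is checked, not just the first."""
    parsed = urlparse(url)
    if parsed.scheme not in ALLOWED_SCHEMES:
        return False, f"scheme '{parsed.scheme}' not allowed"
    if not parsed.hostname:
        return False, "missing host"
    try:
        addresses = resolver(parsed.hostname)
    except (socket.gaierror, ValueError):
        return False, "hostname does not resolve"
    for addr in addresses:
        if is_internal_address(addr):
            return False, f"{parsed.hostname} resolves to internal address {addr}"
    return True, "ok"


def fetch_url_safely(url):
    """Hardened fetch_url(): validate first, then request without following
    redirects and with a timeout so the server cannot be tied up."""
    import requests  # imported here so the validators work without requests installed
    ok, reason = validate_target(url)
    if not ok:
        raise ValueError(f"refusing to fetch {url!r}: {reason}")
    response = requests.get(url, allow_redirects=False, timeout=5)
    return response.text


if __name__ == "__main__":
    print(fetch_url_safely(input("Enter a URL: ")))
```

The resolve-then-fetch sequence still leaves a window for DNS rebinding between the check and the request; closing it means connecting to the address that was validated instead of letting the HTTP client resolve the name a second time.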

Tips

  • Try local targets such as the loopback address (http://127.0.0.1), the cloud metadata endpoint (http://169.254.169.254), or local files (file:///etc/passwd).
  • Detect SSRF via DNS rebinding or external collaborator interactions.
  • Encode payloads or use redirects for blind SSRF exploitation.
  • Useful tools: interactsh, dnslog.cn, ngrok for callback confirmation.