internal resource request bug #2001

Merged
merged 1 commit into from
Apr 17, 2023


REal0day
Contributor

Background

The web_requests.py module attempts to identify if a document is internal or not. There are a few ways to bypass these. A common attack for accessing internal resources is SSRF. More information can be found here: https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Server%20Side%20Request%20Forgery/README.md

Changes

I added a few extra items to the list for checking to see if the program is accessing internal resources. The startswith() function only checks the first part of the string, which could disallow legitimate domains too, like http://localhost.something.com. The biggest change was to add '127.0.0.1' as a localhost.

Documentation

I didn't add any comments, as I can imagine this might just add clutter to the overall program itself, with everyone commenting little changes like this.

Test Plan

I wrote a list of internal links and attempted to access them and found that they were not caught.

PR Quality Checklist

  • My pull request is atomic and focuses on a single change.
  • I have thoroughly tested my changes with multiple different prompts.
  • I have considered potential risks and mitigations for my changes.
  • I have documented my changes clearly and comprehensively.
  • I have not snuck in any "extra" small tweaks changes

@nponeccop nponeccop added B7 bug Something isn't working labels Apr 16, 2023
@p-i- p-i- merged commit a2a6f84 into Significant-Gravitas:master Apr 17, 2023
@nponeccop nponeccop mentioned this pull request Apr 17, 2023
1 task
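
An added example (not part of the pull request or the project's code) of the point made under Changes: a `startswith()` check on the raw URL compared with a decision made from the parsed hostname. The prefix list, function names and sample URLs are assumptions constructed for illustration.

```python
import ipaddress
from urllib.parse import urlparse

# Assumed prefix list for illustration; not copied from web_requests.py.
BLOCKED_PREFIXES = (
    "http://localhost", "https://localhost",
    "http://127.0.0.1", "https://127.0.0.1",
)

def prefix_check_blocks(url: str) -> bool:
    """Raw-string check: True when the URL starts with a listed prefix."""
    return url.lower().startswith(BLOCKED_PREFIXES)

def host_is_internal(url: str) -> bool:
    """Hostname-based check: True when the URL's literal host is local/internal."""
    try:
        host = urlparse(url).hostname
    except ValueError:
        return True  # malformed URL: fail closed
    if not host:
        return True  # no host to evaluate: fail closed
    host = host.rstrip(".").lower()
    if host == "localhost" or host.endswith(".localhost"):
        return True
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return False  # an ordinary DNS name, not an IP literal
    return (addr.is_loopback or addr.is_private
            or addr.is_link_local or addr.is_unspecified)

# Constructed sample URLs.
SAMPLES = [
    "http://localhost:8000/",
    "http://127.0.0.1/status",
    "http://localhost.something.com/",  # legitimate external name from the PR text
    "http://10.0.0.5/",
    "http://[::1]/",
    "https://example.com/",
]

def compare(urls=SAMPLES):
    """Return (url, prefix_verdict, host_verdict) for each URL."""
    return [(u, prefix_check_blocks(u), host_is_internal(u)) for u in urls]

if __name__ == "__main__":
    for url, by_prefix, by_host in compare():
        print(f"{url:35} prefix={by_prefix!s:5} host={by_host}")
```

Only the literal host is examined here; a DNS name that resolves to an internal address still needs a check on the resolved address before the request is made.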