Server-Side Request Forgery (SSRF)

Server-Side Request Forgery allows an attacker to manipulate server variables, forcing the server to send HTTP or socket requests to internal subnets, AWS metadata endpoints, or external domains.

Target Recon Testing Checklist

1.Locate fields accepting URLs (e.g., profiles importing image URLs, webhooks).
2.Test request redirections to localhost (127.0.0.1:80, localhost:22).
3.Test request redirections to AWS IMDS credentials server: http://169.254.169.254/latest/meta-data/
4.Test server connections to internal database ports (5432, 6379, 27017).
5.Bypass filter checks using DNS rebinding or decimal IP representations.

Testing Parameters & Payloads

http://127.0.0.1:22

http://169.254.169.254/latest/meta-data/local-hostname

http://2130706433/ (decimal format for 127.0.0.1)

http://local.targets.internal:5432

Mitigation & Safe Development Guidelines

Whitelist allowed destination hosts/domains for outward requests.
Configure network-level routing policies to prevent public servers accessing internal addresses.
Parse and validate input URLs server-side. Do not follow redirects automatically.

0MRADE

xc0mrade@root

Loading0%

Bug Bounty Programs

Vulnerability Disclosure (VDP)

Free Security Audit

UPI & FinSec Security

Healthcare MedSec Shield

Startup Founder Audit

XC0MRADE Secured Badge

Programs Directory

Leaderboard

Skill Passport

Academic College Network

Cyber Insurance Discounts

Blog

Documentation

Trust & Safety

About Us

Contact

Careers

Privacy Policy

Terms of Service

Server-Side Request Forgery (SSRF)

Target Recon Testing Checklist

Testing Parameters & Payloads

Mitigation & Safe Development Guidelines

Server-Side Request Forgery (SSRF)

Target Recon Testing Checklist

Testing Parameters & Payloads

Mitigation & Safe Development Guidelines