INFRA - example.py with a GET SSRF

README.md

@@ -71,6 +71,7 @@ Feel free to add any feature listed below or a new service.
 - aws and other cloud providers - extract sensitive data from http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy and more
 - sockserver  - SSRF SOCK proxy server - https://github.com/iamultra/ssrfsocks
 - handle request with file in requester
+- requester injection point in file (if param = None, check SSRFMAP in reqFile and replace with the payload)
 - add https://github.com/cujanovic/SSRF-Testing ip.py into the ip generator from core.utils
 
   ```powershell

core/requester.py

@@ -17,7 +17,7 @@ def __init__(self, path):
                 content = f.read().strip()
         except IOError as e:
             logging.error("File not found")
-            return
+            exit()
 
         try:
             # Parse method and action URI

data/example.py

@@ -25,6 +25,12 @@ def ssrf2():
     content = command("curl {}".format(data.get('url')))
     return content
 
+# curl -v "http://127.0.0.1:5000/ssrf3?url=ssrf" 
+@app.route("/ssrf3", methods=['GET'])
+def ssrf3():
+    data = request.values
+    content = command("curl {}".format(data.get('url')))
+    return content
 
 def command(cmd):
 	proc = subprocess.Popen(cmd, stdout=subprocess.PIPE, shell=True)
@@ -33,5 +39,6 @@ def command(cmd):
 
 if __name__ == '__main__':
     app.run(host='127.0.0.1', port=5000, debug=True)
+
 # FLASK_APP=example.py flask run
 # NOTE: this file should become a simple ssrf example in order to test SSRFmap

data/request3.txt

@@ -0,0 +1,9 @@
+GET /ssrf3?url=SSRF HTTP/1.1
+Host: 127.0.0.1:5000
+User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0
+Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
+Accept-Language: en-US,en;q=0.5
+Accept-Encoding: gzip, deflate
+Referer: http://mysimple.ssrf/
+Connection: close
+Upgrade-Insecure-Requests: 1