Open Anemone95 opened 5 years ago
http://anemone.top/ssrf-SSRF%E6%88%90%E5%9B%A0%E3%80%81%E6%94%BB%E5%87%BB%E5%92%8C%E9%98%B2%E5%BE%A1/
SSRF成因SSRF是指存在漏洞的服务器存在对外发起请求的功能,而请求源可由攻击者控制并且服务器本身没有做合法验证,诸如如下代码: 123456789101112131415<?PHP $url = $_GET['url']; $ch = CURL_INIT(); CURL_SETOPT($ch, CURLOPT_URL, $url); CURL_SETOPT($ch
http://anemone.top/ssrf-SSRF%E6%88%90%E5%9B%A0%E3%80%81%E6%94%BB%E5%87%BB%E5%92%8C%E9%98%B2%E5%BE%A1/
SSRF成因SSRF是指存在漏洞的服务器存在对外发起请求的功能,而请求源可由攻击者控制并且服务器本身没有做合法验证,诸如如下代码: 123456789101112131415<?PHP $url = $_GET['url']; $ch = CURL_INIT(); CURL_SETOPT($ch, CURLOPT_URL, $url); CURL_SETOPT($ch