Captain-K-101 / Ssrf-labs

This lab contains the sample code for basic labs related to Server-Side Request Forgery attacks.
19 stars 0 forks

Could you possibly share writeup? #1

Open PunitTailor55 opened 3 years ago

PunitTailor55 commented 3 years ago

Hi Captain! I am creating a lab for SSRF. Could you possibly share a writeup for your tasks? Thank you

Captain-K-101 commented 3 years ago

Hi there, yeah sure, I'll be happy to, but I am currently a bit busy. I'll send it in the upcoming 2-3 days.

dycyber commented 2 years ago

Hi Captain, I think you forgot. I take the liberty to ask you for a writeup. Thanks!

sahilabbasi commented 2 years ago

Can we fetch a forbidden file using fopen() in PHP?

Captain-K-101 commented 2 years ago

Hey @dycyber, sorry for the late response. As for the writeup, I am currently swamped with work, so I might not be able to make a writeup for this in the upcoming future, but once free I will definitely get on this. The attacks are pretty simple to exploit; a basic understanding of SSRF should be enough for exploitation. For any reference materials or stuff, you can ping me on Twitter @Captainkay11

Captain-K-101 commented 2 years ago

@sahilabbasi if you do have control over the fopen name parameter being passed, it's possible to read files using basic LFI, but again there would be certain criteria too, i.e. adequate permissions being there to read, etc.

sahilabbasi commented 2 years ago

Bro, I am asking whether we can fetch a forbidden file (flag.php) using the SSRF vulnerability, because when I try to fetch it, it only gives me a forbidden error :(