depycode / burpsuite_hack

A proxy-based scanner
502 stars, 60 forks

SSRF detection false negative #10

Closed aa506 closed 1 year ago

aa506 commented 1 year ago

Test lab: http://124.221.200.152:8000/, testing SSRF detection

In the database I can see records of the test lab being scanned.

The dnslog platform also has data, but no report of a successful SSRF detection was generated.

depycode commented 1 year ago

https://github.com/depycode/burpsuite_hack/blob/master/lib/plugins/ssrf.py#L75 Modify this query logic yourself.

aa506 commented 1 year ago

ok