O'Reilly logo

Real-World Bug Hunting by Peter Yaworski

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

10SERVER-SIDE REQUEST FORGERY

Image

A server-side request forgery (SSRF) vulnerability allows an attacker to make a server perform unintended network requests. Like a cross-site request forgery (CSRF) vulnerability, an SSRF abuses another system to perform malicious actions. While a CSRF exploits another user, an SSRF exploits a targeted application server. As with CSRFs, SSRF vulnerabilities can vary in impact and execution methods. However, just because you can make a targeted server send requests to other arbitrary servers doesn’t mean the targeted application is vulnerable. The application may intentionally allow this behavior. For this reason, ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required