What You Need To Know About Server Side Request Forgery (SSRF)



SSRF or Server Side Request Forgery is an attack vector that has been around for a long time, but do you actually know what it is?

Server Side Request Forgery (SSRF) refers to an attack wherein an attacker is able to make a vulnerable web application send a crafted request on their behalf. SSRF is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network.


Typically, Server Side Request Forgery (SSRF) occurs when a web application makes a request in which an attacker has full or partial control over what is sent. A common example is when an attacker can control all or part of the URL that the web application requests from some third-party service.

There are various things you can use SSRF for such as:

  • Scanning other machines within the private network of the vulnerable server that aren’t externally accessible
  • Performing Remote File Inclusion (RFI) attacks
  • Bypassing firewalls and using the vulnerable server to carry out further attacks
  • Retrieving server files (such as /etc/passwd)

This is example code in PHP that is vulnerable to SSRF:
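As an added example (not the snippet from the original post), here is a minimal PHP fetch that is SSRF-prone because the caller controls the whole URL, beside a hardened variant that allowlists the host, checks the resolved address, pins it and refuses redirects. The allowlist host api.example.com is an assumption.

```php
<?php
// Added example, not the original post's snippet.

// VULNERABLE: whatever scheme and host the caller supplies is fetched by
// the server itself, including internal hosts and local files (file://).
function fetch_vulnerable($url)
{
    return file_get_contents($url);
}

// Hardened: restrict scheme and host to an allowlist, resolve the host and
// refuse private/loopback/link-local addresses, pin the resolved IP so DNS
// cannot change between check and use, and never follow redirects.
function fetch_hardened($url, array $allowedHosts)
{
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return false;
    }
    $scheme = strtolower($parts['scheme']);
    $host   = strtolower($parts['host']);
    if (!in_array($scheme, ['http', 'https'], true) || !in_array($host, $allowedHosts, true)) {
        return false;
    }
    // gethostbyname() returns the name unchanged on failure; it is IPv4 only,
    // so IPv6-only hosts fail closed here.
    $ip = gethostbyname($host);
    if ($ip === $host || filter_var($ip, FILTER_VALIDATE_IP,
            FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === false) {
        return false;   // unresolvable, RFC 1918, 127.0.0.0/8, 169.254.0.0/16 etc.
    }
    $port = $parts['port'] ?? ($scheme === 'https' ? 443 : 80);
    $ch = curl_init($url);
    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_FOLLOWLOCATION => false,                 // a redirect could point inward
        CURLOPT_PROTOCOLS      => CURLPROTO_HTTP | CURLPROTO_HTTPS,
        CURLOPT_RESOLVE        => ["$host:$port:$ip"],   // connect only to the IP we checked
        CURLOPT_CONNECTTIMEOUT => 5,
        CURLOPT_TIMEOUT        => 10,
    ]);
    $body = curl_exec($ch);
    curl_close($ch);
    return $body;
}

// Usage with an assumed allowlist: a loopback target is not an allowlisted
// host (and would fail the address check anyway), so the request is refused.
var_dump(fetch_hardened('http://127.0.0.1/admin', ['api.example.com']));
```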

You can read more from Acunetix here:

What is Server Side Request Forgery (SSRF)?


Posted in: Advertorial, Web Hacking

SAML Raider – SAML2 Security Testing Burp Extension



SAML Raider is a Burp Suite extension for SAML2 security testing. It contains two core functionalities: manipulating SAML messages and managing X.509 certificates.


The extension is divided into two parts, a SAML message editor and a certificate management tool.


Features

Message Editor

Features of the SAML Raider message editor:

  • Sign SAML Messages
  • Sign SAML Assertions
  • Remove Signatures
  • Edit SAML Message (Supported Messages: SAMLRequest and SAMLResponse)
  • Preview eight common XSW Attacks
  • Execute eight common XSW Attacks
  • Send certificate to SAML Raider Certificate Management
  • Undo all changes of a SAML Message
  • Supported Profiles: SAML Web Browser Single Sign-on Profile, Web Services Security SAML Token Profile
  • Supported Bindings: POST Binding, Redirect Binding, SOAP Binding, URI Binding

Certificate Management

Features of the SAML Raider Certificate Management:

  • Import X.509 certificates (PEM and DER format)
  • Import X.509 certificate chains
  • Export X.509 certificates (PEM format)
  • Delete imported X.509 certificates
  • Display information about X.509 certificates
  • Import private keys (PKCS#8 in DER format and traditional RSA in PEM format)
  • Export private keys (traditional RSA key in PEM format)
  • Clone X.509 certificates
  • Clone X.509 certificate chains
  • Create new X.509 certificates
  • Edit and self-sign existing X.509 certificates

You can download SAML Raider here:

saml-raider-1.2.1.jar

Or read more here.


Posted in: Hacking Tools, Network Hacking

faker.js – Tool To Generate Fake Data For Testing



faker.js is a tool to generate fake data in Node.js and in the browser. It offers many different data types, enabling you to generate very customised and complete sets of fake or mock data for testing purposes.


It also supports multiple languages and locales and can generate a lot of data types to fit your use case.


Data Types

  • address
  • commerce
  • company
  • database
  • date
  • finance
  • hacker
  • helpers
  • image
  • internet
  • lorem
  • name
  • phone
  • random
  • system

Usage

Browser

Node.js

You can download faker.js here:

faker.js-v4.1.0.zip

Or read more here.


Posted in: Hacking Tools, Programming


Should US Border Cops Need a Warrant To Search Devices?

The answer from me is, OF COURSE, f&ck yes. They can’t search your home, car and anywhere else in the country, they would need a warrant to search devices too. A case by the EFF (Electronic Frontier Foundation) is heading to the Fifth Circuit Court of Appeals in the US to find out what should […]

Posted in: Legal Issues, Privacy


jSQL – Automatic SQL Injection Tool In Java

jSQL is an automatic SQL Injection tool written in Java. It is lightweight and supports 23 kinds of databases. It is free, open source and cross-platform (Windows, Linux, Mac OS X), and is easily available in Kali, Pentest Box, Parrot Security OS, ArchStrike or BlackArch Linux. Features: Automatic injection of 23 kinds of databases: Access CockroachDB […]

Posted in: Database Hacking, Hacking Tools


Jack – Drag & Drop Clickjacking Tool For PoCs

Jack is a Drag and Drop web-based Clickjacking Tool for the assistance of development in PoCs made with static HTML and JavaScript. Jack is web based and requires either a web server to serve its HTML and JS content or can be run locally. Typically something like Apache will suffice but anything that is able […]

Posted in: Hacking Tools, Web Hacking


US Voting Machines Hacked At DEF CON – Every One

US Voting Machines Hacked, some in minutes at this year’s DEF CON “Voting Village” – not something you want to hear really. Especially with the results of recent elections that the World is currently dealing with the consequences from. Of course with physical access, most machines can be dominated in some way or another – […]

Posted in: Exploits/Vulnerabilities, Hardware Hacking, Legal Issues


CrackMapExec – Active Directory Post-Exploitation Tool

CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows the concept of “Living off the Land”: abusing built-in Active Directory features/protocols to achieve its functionality and allowing it to evade most endpoint protection/IDS/IPS solutions. CME makes heavy use of […]

Posted in: Exploits/Vulnerabilities, Hacking Tools, Windows Hacking


EvilAbigail – Automated Evil Maid Attack For Linux

EvilAbigail is a Python-based tool that allows you to run an automated Evil Maid attack on Linux systems; this is the initrd encrypted root filesystem attack. An Evil Maid attack is a type of attack that targets a computer device that has been shut down and left unattended. An Evil Maid attack is characterized by the […]

Posted in: Exploits/Vulnerabilities, Hacking Tools, Linux Hacking