Manual SSRF
What is Manual SSRF?
Server-Side Request Forgery (SSRF) occurs when an application fetches a URL that is built from user-controlled input, so the server ends up making the request on the attacker's behalf. Manual SSRF means exploiting such a flaw by hand rather than with a scanner: changing the URL-bearing parameter directly in the browser, or intercepting the request with a proxy such as Burp Suite and editing it before it is sent. Because the request originates from the server, it can reach hosts the attacker cannot reach directly, such as services on the server's private network or on its loopback interface, and the response (or an error that reveals something about it) is often returned to the attacker.
Manual SSRF Example
Here is an example of a manual SSRF attack against an endpoint that fetches whatever URL is supplied in a query parameter:
// Original URL
http://example.com/api?endpoint=http://api.example.com/data
// Modified URL
http://example.com/api?endpoint=http://internal.example.com/secrets
In this example, the attacker modifies the "endpoint" parameter so that it points at a host on the server's private network. The application server can reach internal.example.com, fetches /secrets, and hands the response back to the attacker, who could not have connected to that host directly. The same technique is commonly aimed at the loopback address (http://127.0.0.1/), at non-HTTP schemes such as file:// when the fetching library accepts them, and at cloud instance metadata services; what actually works depends on the library used to make the request and on how the server's network is segmented.
Prevention
Preventing manual SSRF attacks means never letting the client freely choose where the server sends a request. This includes:
- Input validation: Parse the supplied URL and accept only the expected scheme (http or https), no embedded credentials (user:pass@host), and only the expected port; reject anything else rather than trying to repair it.
- Use allow lists: Compare the parsed hostname against a fixed list of hosts the application legitimately needs to reach. Block lists of "bad" hosts are unreliable, because the same internal address can be written in many forms (decimal, octal, IPv6-mapped) or reached through a redirect or a DNS name that resolves to it.
- Sanitize input: Stripping or replacing characters is not a defence on its own. Where the application builds a URL from a user-supplied fragment (for example a path or an identifier), treat that fragment as data appended to a fixed base URL and encode it, so it can never change the host.
- Limit server requests: Resolve the hostname and refuse to connect to private, loopback, or link-local addresses; disable automatic redirects for these fetches (or re-check every hop); and route outbound requests through a dedicated egress proxy or network policy so the server can only reach what it needs.
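The vulnerable pattern next to a hardened check, as an added example in Python (not code from the original page). The hostnames come from the page; the allow list, the injectable `resolver` parameter and the fake DNS table are assumptions introduced so the example runs offline.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Hypothetical allow list: the only hosts this application legitimately fetches from.
ALLOWED_HOSTS = {"api.example.com"}
ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_PORTS = {None, 80, 443}


def vulnerable_target(endpoint: str) -> str:
    """The original handler's behaviour: the server fetches whatever the client supplied."""
    return endpoint


def is_private_address(ip: str) -> bool:
    """True for loopback, RFC 1918, link-local (cloud metadata at 169.254.169.254),
    reserved, multicast and unspecified addresses; the server must not connect to these."""
    addr = ipaddress.ip_address(ip)
    return (addr.is_private or addr.is_loopback or addr.is_link_local
            or addr.is_reserved or addr.is_multicast or addr.is_unspecified)


def validate_target(endpoint: str, resolver=socket.gethostbyname) -> str:
    """Return the URL if it passes every check, otherwise raise ValueError.

    `resolver` maps a hostname to an IPv4 string; it defaults to a real DNS lookup
    and is injectable so the checks can be exercised without network access."""
    parts = urlsplit(endpoint)
    if parts.scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    # http://api.example.com@internal.example.com/ parses with the allowed name as
    # the username and the internal host as the real target; refuse credentials outright.
    if parts.username is not None or parts.password is not None:
        raise ValueError("credentials in URL are not allowed")
    host = parts.hostname  # already lower-cased by urlsplit
    if host not in ALLOWED_HOSTS:
        raise ValueError(f"host not allowed: {host!r}")
    if parts.port not in ALLOWED_PORTS:
        raise ValueError(f"port not allowed: {parts.port!r}")
    # An allowed name may still resolve to an internal address (misconfiguration or
    # DNS rebinding), so check what it actually points at.
    ip = resolver(host)
    if is_private_address(ip):
        raise ValueError(f"{host} resolves to internal address {ip}")
    return endpoint


def rejected(endpoint: str, resolver=socket.gethostbyname) -> bool:
    """Convenience wrapper: True if validate_target refuses the URL."""
    try:
        validate_target(endpoint, resolver=resolver)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed DNS table so the demonstration runs offline.
    fake_dns = {"api.example.com": "93.184.216.34"}
    for url in ("http://api.example.com/data",
                "http://internal.example.com/secrets",
                "file:///etc/passwd",
                "http://api.example.com@internal.example.com/secrets"):
        print(f"{url:55} vulnerable fetches: yes   hardened rejects: {rejected(url, fake_dns.__getitem__)}")
```

Resolving the name and then letting an HTTP library resolve it again leaves a window for DNS rebinding; in production, connect to the IP address that passed the check (or fetch through an egress proxy that enforces the same policy) and disable redirect following, since a redirect from an allowed host is otherwise a second, unchecked request.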