Home > Blockchain >  Secure Code Warrior Server-Side Request Forgery
Secure Code Warrior Server-Side Request Forgery

Time:07-16

I am currently doing a problem on Secure Code Warrior's Java basic package, and the topic is server-side request forgery. The task is to try and access the "/vault" api through a parameter url. One of the files requires that the ip address starts with 127.0 or ::1, which I'm pretty sure means that we just have to access this /vault api from within the local system. However, I have been unsuccessful in trying to access /vault through changing the url parameter in the question.

CodePudding user response:

I've just done it, and here is how. You should input everything beginning from statements

https://..../statements/13?url=http://127.0.0.1:5000/vault

Page link:https//www.codepudding.com/Blockchain/477132.html

Prev:Extracting certain values from a large URL string in javascript?
Next:How to perform search query with mongo and mongoose with react.js?
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding