mixed_scripts/ssrf_html.php at master · dc401/mixed_scripts · GitHub

21 lines (20 loc) · 779 Bytes

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

<html>

<body>

<form action="" method="get">

URL: <input type="text" name="url"><br>

<input type="submit" name="submit_ssrf">

</form>

Results:

<?php

if(isset($_GET['submit_ssrf'])) {

if (!empty($_GET["url"])) {

echo "<pre>";

echo htmlentities(file_get_contents($_GET["url"]));

echo "</pre>";

}

}

?>

</body>

</html>

//this is a modified code to mimic https://www.sans.org/blog/cloud-instance-metadata-services-imds-/

//xtecsystems.com/research