Yettishare / MFScripts.com - Server Side Request Forgery

2019.04.30

Con7ext (ID)

Risk: Medium

Local: Yes

Remote: Yes

CVE: N/A

CWE: N/A

Dork: intext:"File Sharing Script Created By MFScripts.com"

### AUTHOR : Con7ext

Dork : intext:"File Sharing Script Created By MFScripts.com"
You must login/register to website

Exploit:
file://

1. Register To website
2. Upload Files (Remote Url Upload)
3. Open Burp Suite -> edit parameter url=http://blabla.com to url=file:///whathever/a.php
Ex: url=file:///etc/passwd
4. Reload you can see passwd in your file list
5. Download...

Video Tutorial:
https://www.facebook.com/Con7ext/videos/vb.100011931345675/533812490359791/?type=2&video_source=user_video_tab

References:

https://medium.com/@madrobot/ssrf-server-side-request-forgery-types-and-ways-to-exploit-it-part-1-29d034c27978

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Yettishare / MFScripts.com - Server Side Request Forgery

Dork: intext:"File Sharing Script Created By MFScripts.com"

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.