We solve a Burp Web Security Academy lab titled 'SSRF with Blacklist-Based Input Filter'. This is a standard SSRF attack, except that two weak anti-SSRF protections have been implemented on the server. We take a look at obfuscation techniques that bypass these protections.
00:00 Introduction
00:33 Exploring the Lab
01:27 Tampering with the API URL
02:49 Obfuscation techniques
06:07 Solving the lab
06:37 Post analysis