Skip to content

SSRF Bypass ChallengeΒ #2

New issue
New issue
Open
Open
SSRF Bypass Challenge#2
Labels
bugSomething isn't workingenhancementNew feature or requesthelp wantedExtra attention is needed
@Soham7-dev

Description

@Soham7-dev
Soham7-dev
opened on Aug 31, 2025

πŸ”’ Security Lab Enhancement : SSRF Bypass Challenge

Description

Currently, AspGoat includes one SSRF lab with both:

  • ❌ Vulnerable version
  • βœ… Secure version (with basic whitelist)

However, in real-world scenarios, attackers may find ways to bypass the secure code as well (e.g., via redirects, alternate encodings, or dns rebinding).

Tasks

  • Analyze the current SSRF "secure" implementation via AspGoat UI (Login -> SSRF lab -> Identify Vulnerability -> Secure Code Modal).
  • Copy the Secure Code and replace the Vulnerable Code with the Secure Code inside Controllers/HomeController.cs under SSRF POST ACTION
Image
  • Now try various methods to bypass this protection. (Note: Modifying the /etc/hosts file via RCE or manually to gain access to an internal ip address does not count πŸ˜…)

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't workingenhancementNew feature or requesthelp wantedExtra attention is needed

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions