Writeup: SSRF with whitelist-based input filter
Lab link. Another SSRF measure is Whitelist-Based. The application only allows entries that match a whitelist. The filter can search for a match inside the input. We bypass this filter by exploiting inconsistencies in URL parsing. We try to find an SSRF vulnerability in the check stock feature in the application. We try some SSRF …