Skip to content
/ nginx-ssrf-sample Public
forked from knqyf263/ssrfnginx

Nginx SSRF vulnerable environments for study

License

Apache-2.0 license
3 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

tkmru/nginx-ssrf-sample

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits

screenshots

screenshots

 
 

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

index.html

index.html

 
 

vulnerable.conf

vulnerable.conf

 
 

Repository files navigation

Nginx SSRF sample app

There is a vulnerability in Nginx that can be caused by misconfiguration. One of them is SSRF.

top

flag

How to use

Dockerfile exists. Sample app work on any port.

$ docker build -t nginx-ssrf .
$ docker run -d -p 127.0.0.1:3000:80 nginx-ssrf:latest

Tools to find

Gixy is a tool to analyze Nginx configuration.

$ gixy vulnerable.conf 

==================== Results ===================

>> Problem: [ssrf] Possible SSRF (Server Side Request Forgery) vulnerability.
Description: The configuration may allow attacker to create a arbitrary requests from the vulnerable server.
Additional info: https://github.com/yandex/gixy/blob/master/docs/en/plugins/ssrf.md
Reason: At least variable "$1" can contain untrusted user input
Pseudo config:

server {
  server_name localhost;

  location ~ /proxy/(.*)/(.*)$ {
    proxy_pass http://$1/$2;
  }
}

==================== Summary ===================
Total issues:
    Unspecified: 0
    Low: 0
    Medium: 0
    High: 1

License

Apache License

About

Nginx SSRF vulnerable environments for study

Topics

nginx demo-app websecurity vulnerability-environment

Resources

Readme

License

Apache-2.0 license
Activity

Stars

3 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • HTML 61.5%
  • Dockerfile 38.5%