Educational lab environment for learning Server-Side Request Forgery (SSRF) attacks in realistic scenarios.

THIS APPLICATION CONTAINS INTENTIONAL VULNERABILITIES
- 🚫 DO NOT deploy in production
- 🚫 DO NOT expose to the internet
- ✅ Use ONLY in isolated environments
- ✅ For educational purposes only
Scenario 1: basic SSRF
- URL fetching without validation
- Accessing internal services
- Gopher protocol exploitation
- Redis protocol smuggling → RCE
- PoC: https://github.com/yassertioursi/web-security-ssrf-lab/blob/master/SSRF_SIMPLE_POC.md

Scenario 2: blind SSRF
- Error-based detection
- Time-based port scanning
- Service discovery without response data
- PoC: https://github.com/yassertioursi/web-security-ssrf-lab/blob/master/SSRF_BLIND_POC.md

Scenario 3: DNS rebinding
- TOCTOU (Time-of-Check-Time-of-Use) exploitation
- Bypassing IP-based validation
- DNS rebinding attacks
- PoC: https://github.com/yassertioursi/web-security-ssrf-lab/blob/master/dns_rebinding_exploit.py
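Blind SSRF leaves no response body to inspect, so on the defending side the signal is in the application's own fetch log: one client asking the fetch endpoint for many different internal host:port targets in a short window, with fast errors on closed ports and slower responses on open ones, and any non-HTTP scheme at all. The following detector is an added example written for this README, not code from the lab; the log line layout (`client=... url=... status=... ms=...`) and the sample lines are constructed for the example, since the lab does not define a log format.

```python
import re
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# Hypothetical application log format for a URL-fetch endpoint (constructed
# for this example; the lab itself does not define a log line layout).
LOG_RE = re.compile(
    r"^(?P<ts>\S+) client=(?P<client>\S+) url=(?P<url>\S+) "
    r"status=(?P<status>\d+) ms=(?P<ms>\d+)$"
)

# Constructed sample: one client walks loopback ports through the fetch
# endpoint (fast errors on closed ports, a slow success on an open one) and
# also tries a non-HTTP scheme; a second client fetches a public URL.
SAMPLE_LOG = """\
2024-05-01T10:00:01 client=10.0.0.5 url=http://127.0.0.1:22/ status=500 ms=4
2024-05-01T10:00:02 client=10.0.0.5 url=http://127.0.0.1:80/ status=500 ms=3
2024-05-01T10:00:03 client=10.0.0.5 url=http://127.0.0.1:3306/ status=500 ms=5
2024-05-01T10:00:04 client=10.0.0.5 url=http://127.0.0.1:6379/ status=200 ms=2100
2024-05-01T10:00:05 client=10.0.0.5 url=http://127.0.0.1:8080/ status=500 ms=3
2024-05-01T10:00:06 client=10.0.0.5 url=gopher://127.0.0.1:6379/ status=200 ms=12
2024-05-01T10:00:07 client=10.0.0.9 url=http://example.com/ status=200 ms=180
"""


def parse_log(text):
    """Yield one dict per well-formed log line; malformed lines are skipped."""
    for line in text.splitlines():
        m = LOG_RE.match(line.strip())
        if m:
            yield m.groupdict()


def is_internal_host(host):
    """True for loopback/private/link-local IP literals and the name 'localhost'.
    Other names are not resolved here: detection should not touch the network."""
    if host is None:
        return False
    if host.lower() == "localhost":
        return True
    try:
        return not ipaddress.ip_address(host).is_global
    except ValueError:
        return False


def detect(text, window=timedelta(seconds=60), min_targets=5):
    """Return findings: non-HTTP schemes, and clients that touched at least
    `min_targets` distinct internal host:port pairs inside one `window`."""
    findings = []
    by_client = defaultdict(list)
    for rec in parse_log(text):
        parts = urlsplit(rec["url"])
        ts = datetime.fromisoformat(rec["ts"])
        if parts.scheme not in ("http", "https"):
            findings.append({"client": rec["client"], "kind": "non_http_scheme",
                             "detail": rec["url"]})
            continue
        try:
            port = parts.port or (443 if parts.scheme == "https" else 80)
        except ValueError:  # malformed port in the URL
            continue
        if is_internal_host(parts.hostname):
            by_client[rec["client"]].append((ts, parts.hostname, port))
    for client, events in by_client.items():
        events.sort()
        for i, (start, _, _) in enumerate(events):
            targets = {(h, p) for t, h, p in events[i:] if t - start <= window}
            if len(targets) >= min_targets:
                findings.append({"client": client, "kind": "internal_port_sweep",
                                 "detail": sorted(targets)})
                break  # one sweep finding per client is enough
    return findings


if __name__ == "__main__":
    for finding in detect(SAMPLE_LOG):
        print(finding)
```

The thresholds are starting points: in a real deployment the window and target count come from what the fetch feature legitimately does, and the detector should also read the `ms` field, because a consistent gap between fast and slow responses to internal targets is what makes the time-based variant work.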
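The three scenarios above share one root cause and one fix. The basic scenario works because the fetch accepts any scheme and any host, so `gopher://` can carry a raw Redis conversation and loopback or private addresses reach internal services; the rebinding scenario works because the application checks the name's IP and then lets the HTTP client resolve the name a second time for the actual connection. The validator below is an added example for this README, not the lab's code: it allows only `http`/`https`, rejects userinfo, resolves the name once, requires every returned address to be globally routable (which excludes loopback, RFC 1918, link-local including 169.254.169.254, and IPv4 addresses hidden in IPv4-mapped IPv6 form), and then connects to exactly the address it checked. The `resolver` parameter is an assumption of this example so the check can run without DNS.

```python
import http.client
import ipaddress
import socket
import ssl
from dataclasses import dataclass
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}


@dataclass(frozen=True)
class PinnedTarget:
    scheme: str
    host: str        # name the user supplied; used for the Host header and SNI
    pinned_ip: str   # the address that was checked; the connection goes here
    port: int
    path: str


def _default_resolver(host):
    """All A/AAAA answers from the OS resolver (used when none is injected)."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def _ip_is_allowed(ip_text):
    """Allow only globally routable addresses. This rejects loopback, RFC 1918,
    link-local (and therefore the 169.254.169.254 metadata address), CGNAT,
    multicast, reserved, and unspecified addresses; an IPv4 address wrapped in
    IPv4-mapped IPv6 form (::ffff:10.0.0.1) is unwrapped before the check."""
    addr = ipaddress.ip_address(ip_text)
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return addr.is_global


def validate_and_pin(url, resolver=None):
    """Validate the URL once and return the exact IP the fetch must use.
    Raises ValueError for anything that must not be fetched."""
    resolver = resolver or _default_resolver   # resolver injection: example assumption
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    if parts.username or parts.password:
        raise ValueError("userinfo in URL not allowed")
    host = parts.hostname
    if not host:
        raise ValueError("missing host")
    try:
        answers = [str(ipaddress.ip_address(host))]   # literal IP: no DNS at all
    except ValueError:
        answers = resolver(host)                      # resolved exactly once
    if not answers:
        raise ValueError("host did not resolve")
    for ip in answers:   # every answer must pass, not just the first one
        if not _ip_is_allowed(ip):
            raise ValueError(f"target address not allowed: {ip}")
    port = parts.port or (443 if parts.scheme == "https" else 80)
    path = parts.path or "/"
    if parts.query:
        path += "?" + parts.query
    return PinnedTarget(parts.scheme, host, answers[0], port, path)


def is_safe_url(url, resolver=None):
    """Boolean wrapper around validate_and_pin (ValueError means unsafe)."""
    try:
        validate_and_pin(url, resolver)
        return True
    except ValueError:
        return False


def open_pinned_connection(target, timeout=5.0):
    """Connect to the checked IP, never to a fresh DNS lookup, while keeping
    the original name for the Host header and TLS SNI. http.client does not
    follow redirects, so each redirect hop must pass validate_and_pin again."""
    sock = socket.create_connection((target.pinned_ip, target.port), timeout=timeout)
    if target.scheme == "https":
        sock = ssl.create_default_context().wrap_socket(sock, server_hostname=target.host)
        conn = http.client.HTTPSConnection(target.host, target.port, timeout=timeout)
    else:
        conn = http.client.HTTPConnection(target.host, target.port, timeout=timeout)
    conn.sock = sock   # reuse the already-connected, pinned socket
    return conn
```

Two details matter more than they look. Checking every resolver answer, not just the first, closes the variant where a name returns one public and one private address and the HTTP client happens to pick the private one. Reusing the pinned socket instead of handing the hostname back to the HTTP client is what removes the time-of-check to time-of-use gap: there is no second lookup for a rebinding DNS server to answer differently.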
Requirements:
- Docker & Docker Compose
- 1GB+ free RAM

Quick start:
git clone https://github.com/yassertioursi/laravel-ssrf-lab.git
cd laravel-ssrf-lab/ssrf
docker-compose up -d

Open http://localhost:8000 in your browser. Check that both containers are running with:
docker-compose ps
┌─────────────────────┐
│    Your Browser     │
│   localhost:8000    │
└──────────┬──────────┘
           │
           ▼
┌─────────────────────┐    Gopher    ┌─────────────────────┐
│    Laravel App      │─────────────▶│       Redis         │
│  - SSRF endpoints   │              │  - No auth          │
│  - Port 8000        │              │  - Port 6379        │
└─────────────────────┘              └─────────────────────┘
Services:
- Laravel App (SSRF vulnerable)
- Redis (Gopher protocol target)
MIT License - For educational use only
Remember: Practice ethical hacking. Only test systems you own or have permission to test.
This project is for educational purposes only. Use responsibly.