BOOK THIS SPACE FOR AD
ARTICLE ADHi,
Today, I’m excited to share a discovery of an SSRF (Server-Side Request Forgery) vulnerability so straightforward it left me in disbelief.
The vulnerability existed in a target AI capable of engaging in conversation and returning content. This piqued my curiosity: could I coax it into accessing an SSRF verification link autonomously? According to the platform’s rules, a successful request to http://target.com/flag.html containing specific flag content would confirm a postback SSRF vulnerability.
Eager to test this, I initiated my first interaction with the AI. My strategy involved converting http://target.com/flag.html into a shortened URL and directing the AI to this link, essentially asking it to 'check out this address for me' via our shortened link. To my astonishment, the AI returned the flag immediately!
Upon reporting this to the target platform, my findings were recognized as a high-risk vulnerability.
Though the platform swiftly implemented a fix, I found a way to circumvent this measure. By performing a DNS rebinding attack on the SSRF verification URL, I modified it to: http://95584793.091598f9.rbndr.us/flag.html.
After converting this address into another shortened URL, I resumed my dialogue with the AI. Persisting through several attempts, I successfully retrieved the flag once more.