Back to directory
WRITEUP #178

Unauthenticated SSRF on Havoc C2 teamserver via spoofed demon agent

SSRFSecurity code review
by@_chebuya(chebuya)
Program
Havoc C2
Published
Jul 13, 2024
Added to HackDex
Jul 30, 2024
Read Full Writeuphttps://blog.chebuya.com/posts/server-side-request-forgery-on-havoc-c2/
RELATED WRITEUPS
IIS welcome page to source code review to LFI!
SSRFLFI
NTLM Credential Theft in Python Windows Applications
SSRFNTLMv2 hash disclosure
CVE-2024-38428 Wget Vulnerability: All you need to know
SSRFMiTM
Directory Traversal, SQL Injection and Server-Side Request Forgery
SQL InjectionPath traversal
Getting code execution on Veeam through CVE-2023-27532
RCEInsecure deserialization

Built with ❤️ by Shubham Rawat