Back to directory

WRITEUP #3739

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

SSRFRCE

by@SirLeeroyJenkin(SirLeeroyJenkins)

Bounty

15,000

Program

-

Published

May 17, 2021

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://sirleeroyjenkins.medium.com/just-gopher-it-escalating-a-blind-ssrf-to-rce-for-15k-f5329a974530

▸ RELATED WRITEUPS

Vulnerabilities in Homepage Dashboard

Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!

RCEConfusion attack

Shelltorch Explained: Multiple Vulnerabilities in Pytorch Model Server (Torchserve) (CVSS 9.9, CVSS 9.8) Walkthrough

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package

RCEDependency confusion

Built with ❤️ by Shubham Rawat