Back to directory
WRITEUP #4555

Story of a 2.5k Bounty — SSRF on Zimbra Led to Dump All Credentials in Clear Text

SSRF
by@YShahinzadeh(Yashar Shahinzadeh)
Bounty
2,500
Program
Cafebazaar
Published
Jul 2, 2020
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://infosecwriteups.com/story-of-a-2-5k-bounty-ssrf-on-zimbra-led-to-dump-all-credentials-in-clear-text-6fe826005ccc
RELATED WRITEUPS
Directory Traversal, SQL Injection and Server-Side Request Forgery
SQL InjectionPath traversal
IIS welcome page to source code review to LFI!
SSRFLFI
NTLM Credential Theft in Python Windows Applications
SSRFNTLMv2 hash disclosure
Vulnerabilities in Homepage Dashboard
RCESSRF
SSRFing the Web with the help of Copilot Studio
SSRF

Built with ❤️ by Shubham Rawat