Web Page Test - Server Side Request Forgery (SSRF)

What is the "Web Page Test - Server Side Request Forgery (SSRF)" module?

The "Web Page Test - Server Side Request Forgery (SSRF)" module is designed to detect the presence of a server-side request forgery vulnerability in the Web Page Test software. This vulnerability can allow an attacker to manipulate the server into making unintended requests to internal resources or external systems, potentially leading to unauthorized access or data leakage. The severity of this vulnerability is classified as high.

This module was authored by pdteam.

Impact

A successful exploitation of the server-side request forgery vulnerability in Web Page Test can have serious consequences. It can enable an attacker to bypass security controls and gain unauthorized access to sensitive information or internal systems. This can lead to data breaches, unauthorized data modifications, or even complete system compromise.

How does the module work?

The "Web Page Test - Server Side Request Forgery (SSRF)" module works by sending a specific HTTP request to the target system and analyzing the response. The module uses the following matching conditions to identify the presence of the vulnerability:

- The response should contain the phrase "File is not a JPEG Image". - The interaction protocol used in the request should be "http".

If both conditions are met, the module flags the presence of the server-side request forgery vulnerability in the Web Page Test software.

Here is an example of the HTTP request sent by the module:

GET /jpeginfo/jpeginfo.php?url={%InteractionURL%} HTTP/1.1

The module sends this request to the target system and checks if the response meets the specified matching conditions.

Reference:

- https://thinkloveshare.com/hacking/preauth_remote_code_execution_web_page_test/ - https://github.com/WPO-Foundation/webpagetest

Metadata:

- max-request: 1 - verified: true - shodan-query: title:"WebPageTest"