By kannthu
The "XMLRPC Pingback SSRF" module is a test case that detects a server-side request forgery (SSRF) vulnerability in XML-RPC pingback functionality. It targets systems that expose XML-RPC pingback. The severity of this vulnerability is classified as high.
A server-side request forgery (SSRF) vulnerability allows an attacker to make requests from the vulnerable server to other internal or external resources. In the case of the "XMLRPC Pingback SSRF" module, an attacker could potentially exploit this vulnerability to perform unauthorized actions, such as accessing internal resources or launching attacks against other systems.
The "XMLRPC Pingback SSRF" module works by sending a POST request to the "/xmlrpc/pingback" endpoint with a specific XML payload. The payload includes a URL parameter that represents the interaction URL. The module then checks if the response contains the "http" protocol, indicating a potential SSRF vulnerability.
Here is an example of the HTTP request sent by the module:
POST /xmlrpc/pingback HTTP/1.1
Host: {%Hostname%}
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

<?xml version="1.0" encoding="UTF-8"?>
<methodCall>
  <methodName>pingback.ping</methodName>
  <params>
    <param>
      <value>http://{%InteractionURL%}</value>
    </param>
  </params>
</methodCall>
The module also includes a matching condition that checks if the response contains the "http" protocol. If the condition is met, the module will report the vulnerability.
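On the server side, the fix is to vet the URL carried in the pingback.ping body before the server fetches it. The following is an added example, not code from the module or from Vidoc: it parses the request body shown above and rejects any source URL that is not http(s) or that resolves to a non-global address. The function names, the sample hostnames and the stub DNS answers are assumptions made for illustration.

```python
import ipaddress
import socket
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample: the body shown above with a made-up source URL filled in.
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<methodCall><methodName>pingback.ping</methodName><params>
<param><value>http://metadata.internal.example/latest</value></param>
</params></methodCall>"""

# Constructed DNS answers so the example runs offline.
FAKE_DNS = {"metadata.internal.example": ["169.254.169.254"],
            "blog.example": ["8.8.8.8"]}

def stub_resolver(host):
    return FAKE_DNS.get(host, [host])  # IP literals pass through unchanged

def system_resolver(host):
    return [info[4][0] for info in socket.getaddrinfo(host, None)]

def pingback_urls(body):
    """Return the string parameters of a pingback.ping methodCall (bytes in)."""
    if b"<!DOCTYPE" in body.upper():
        raise ValueError("DTDs are not accepted in XML-RPC bodies")
    root = ET.fromstring(body)
    if root.tag != "methodCall" or root.findtext("methodName") != "pingback.ping":
        return []
    urls = []
    for value in root.iterfind("./params/param/value"):
        # XML-RPC allows <value>text</value> and <value><string>text</string></value>
        urls.append((value.findtext("string") or value.text or "").strip())
    return urls

def is_safe_target(url, resolver=system_resolver):
    """True only for http(s) URLs whose host resolves solely to global addresses."""
    try:
        parts = urlsplit(url)
        if parts.scheme not in ("http", "https") or not parts.hostname:
            return False
        addrs = [ipaddress.ip_address(a) for a in resolver(parts.hostname)]
    except (OSError, ValueError):
        return False
    # The later fetch must connect to one of these vetted addresses, not re-resolve.
    return bool(addrs) and all(a.is_global for a in addrs)

if __name__ == "__main__":
    for u in pingback_urls(SAMPLE):
        print(u, "->", "fetch" if is_safe_target(u, stub_resolver) else "reject")
```

The check only helps if the HTTP client that performs the pingback fetch is pinned to the address that was vetted and does not follow redirects to unvetted hosts.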