Server-Side Request Forgery (SSRF)
SSRF
Server-Side Request Forgery (SSRF) refers to an attack in which an attacker is able to send a crafted request
from a vulnerable web application. SSRF is usually used to target internal systems behind firewalls that are
normally inaccessible to the attacker from the external network.
Typically SSRF occurs when a web application makes a request over which an attacker has full or partial control.
A common example is when the attacker can control all or part of the URL that the web application requests
from some third-party service.
SSRF – Attack Explanation
Attack explanation
• The firewall allows all users to use the HTTP service.
• The firewall blocks SSH requests.
• The attacker uses the HTTP service of the web server to gain SSH access to the internal network (the request
arrives via HTTP, so the firewall does not block it).
SSRF Prevention
Protection
To prevent SSRF vulnerabilities in your web applications it is strongly advised to use a whitelist of the domains
and protocols from which the web server is allowed to fetch remote resources.
Also, as a rule of thumb, you should avoid passing user input directly to functions that make requests on behalf of
the server. You should also sanitize and filter user input, but this is typically very hard to implement correctly because it is
virtually impossible to cover all the different scenarios.
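As an added example (not code from the slides), a Python check of the kind recommended above: the URL the server is about to fetch is allowed only if its scheme, host and port are on an allowlist. The hosts api.example.com and cdn.example.com are constructed values. The check goes one step beyond the slide by also refusing an allowlisted name that resolves to an internal address, since those internal systems are the usual SSRF target; the resolver is injectable so the check can be tested without network access.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Allowlist of schemes, hosts and ports the server may fetch from.
# Constructed example values; a real deployment loads its own list.
ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_HOSTS = {"api.example.com", "cdn.example.com"}
ALLOWED_PORTS = {80, 443}


def default_resolver(host):
    """Resolve a hostname to the IP address strings it points at."""
    return [info[4][0] for info in socket.getaddrinfo(host, None)]


def is_internal(ip_text):
    """True for loopback, link-local, private and other non-public addresses."""
    return not ipaddress.ip_address(ip_text).is_global


def validate_outbound_url(url, resolver=default_resolver):
    """Return (ok, reason); ok is True only when every check passes."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:  # urlsplit lowercases the scheme
        return False, "scheme not allowed"
    # Credentials in the URL can make the host look like an allowlisted
    # name to a naive substring check, so refuse them outright.
    if parts.username is not None or parts.password is not None:
        return False, "userinfo not allowed"
    host = (parts.hostname or "").rstrip(".")  # hostname is already lowercased
    if host not in ALLOWED_HOSTS:
        return False, "host not in allowlist"
    try:
        port = parts.port
    except ValueError:
        return False, "invalid port"
    if port is not None and port not in ALLOWED_PORTS:
        return False, "port not allowed"
    # An allowlisted name must also resolve only to public addresses, so a
    # DNS entry pointing back into the internal network is refused too.
    try:
        addrs = resolver(host)
    except OSError:
        return False, "host does not resolve"
    if not addrs or any(is_internal(a) for a in addrs):
        return False, "host resolves to an internal address"
    return True, "ok"
```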