CTFLover Vault
10 - Recon

Pasted image 20240108185418.png

Pasted image 20240108185933.png

Vulnerable to CVE-2023-27163
Pasted image 20240108190155.png
Pasted image 20240108190244.png

Now when i try to access the basket i get a response to my netcat listner
Pasted image 20240108190451.png

Pasted image 20240108190629.png

Now when we reload the basket url we are able to reach localhost. SSRF confirmed
Pasted image 20240108190731.png

Pasted image 20240108190803.png

It is vulnerable to RCE https://github.com/spookier/Maltrail-v0.53-Exploit

Pasted image 20240108191020.png

The vulnerability exists in login page and we are not able to access the web server.

Trying /login in SSRF ->
Pasted image 20240108191136.pngPasted image 20240108191155.png

Pasted image 20240108191248.png

Table Of Contents