#BurpSuite #Bambda to detect Blind SSRF via OpenID Connect "request_uri" using out-of-band detection (e.g. Collaborator).

The vulnerable URL is b64-encoded and included within the canary URL.

👉 https://gist.github.com/lauritzh/7b3ebfb5f541b6027152e5cee2f11b0d

📚 https://security.lauritz-holtmann.de/post/sso-security-ssrf/
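Added example, not the gist's Bambda (which is Java): a Python sketch of the canary scheme described above, so an out-of-band hit can be traced back to the endpoint that fetched it. The token is URL-safe base64 without padding so it survives in a URL path; COLLABORATOR_HOST and the interaction dicts are constructed placeholders.

```python
import base64
import re
from urllib.parse import parse_qsl, urlencode, urlparse, urlunparse

# Constructed placeholder; a real Collaborator payload host is issued by Burp.
COLLABORATOR_HOST = "collab-placeholder.invalid"


def encode_canary(target_url: str, collaborator_host: str = COLLABORATOR_HOST) -> str:
    """Canary URL whose path is the probed URL as URL-safe base64 without padding.

    A later out-of-band HTTP hit then identifies the fetching endpoint by path alone.
    """
    token = base64.urlsafe_b64encode(target_url.encode()).decode().rstrip("=")
    return f"https://{collaborator_host}/{token}"


def decode_canary(path_or_url: str) -> str:
    """Recover the probed URL from the path seen in the out-of-band interaction."""
    token = path_or_url.rstrip("/").rsplit("/", 1)[-1]
    if not re.fullmatch(r"[A-Za-z0-9_-]+", token):
        raise ValueError("not a canary token")
    token += "=" * (-len(token) % 4)  # restore the padding stripped on encode
    url = base64.urlsafe_b64decode(token).decode()
    if not url.startswith(("http://", "https://")):
        raise ValueError("decoded value is not a URL")
    return url


def add_request_uri(auth_url: str, collaborator_host: str = COLLABORATOR_HOST) -> str:
    """Copy of the authorization URL with request_uri pointing at its own canary."""
    parts = urlparse(auth_url)
    query = [(k, v) for k, v in parse_qsl(parts.query, keep_blank_values=True)
             if k != "request_uri"]  # replace an existing value rather than duplicate it
    query.append(("request_uri", encode_canary(auth_url, collaborator_host)))
    return urlunparse(parts._replace(query=urlencode(query)))


def correlate(interactions: list[dict]) -> list[str]:
    """Map out-of-band HTTP interactions (constructed dicts with 'type' and 'path')
    back to the endpoints that fetched the canary; DNS-only hits carry no path."""
    hits = []
    for event in interactions:
        if event.get("type") != "http":
            continue
        try:
            hits.append(decode_canary(event["path"]))
        except (ValueError, UnicodeDecodeError):
            pass  # unrelated traffic to the Collaborator host (crawlers, favicon)
    return hits
```

If the token had to ride in the hostname rather than the path, it would need a DNS-safe alphabet and the 63-character label limit; this version keeps it in the path.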

Gist: Simple Burp Suite Bambda to detect Blind SSRF via OIDC request_uri GET parameter (request_uri.bambda)