⛏️ Write test for executing redis RCE via SSRF

[aktoboy]

💭 Introduction: We want to test whether API's which take in url as a param are vulnerable to do RCE on Redis using SSRF. You can refer this blog for more details about the attack.

🎯 Requirements: This test should only run for APIs which are taking url as a parameter in input. The test should correctly detect whether some RCE on Redis is possible. An SSRF example is implemented here already.

📚 Reading You can find a detailed documentation of test editor rules here Find 100+ examples of YAML tests here

✅ Task summary:

• [ ] Ask to be assigned to the issue.
• [ ] Wait to be assigned. We will try to assign in less than 2 hours.
• [ ] Fork the tests-library repository, create a new branch and commit the yaml file which will be called in your test.
• [ ] Signup for Akto
• [ ] Check in the Attempt tab, if the payload changes, then task is done.
• [ ] Submit the PR here.

✌🏻 Hints: You can build the yaml template by referring this link

🙋🏼‍♂️ Questions: If you have questions, need any help, or just want to hang out, make sure to join us on our Discord server.