SSRFmap icon indicating copy to clipboard operation
SSRFmap copied to clipboard

Published 20 hours ago verified publisher icon swisskyrepo

Error parsing JSON POST URL parameter

Open pcastagnaro opened this issue 5 years ago • 2 comments

Hi,

I'm using this script but it seems this is not reading properly JSON POST parameters. When I write down a request and set the -p parameter, the script tells the [ERROR]:No injection point found ! (use -p) error:

Request file:

image

Error:

image

image

pcastagnaro avatar Sep 24 '19 20:09 pcastagnaro

I will check the problem, can you provide a little bit of context about the big "text" before the JSON data, is it an authentication header, or some data from the request ? Do you have the header "Content-Type: application/json" ? The parser doesn't seem to go to the JSON check at https://github.com/swisskyrepo/SSRFmap/blob/master/core/requester.py#L80

swisskyrepo avatar Sep 24 '19 21:09 swisskyrepo

I had an issue with Content-Type: application/json;charset=utf-8. The requester does a hard check for "application/json" so I just removed the trailing charset segment. Maybe change the check to see if Content-Type startes with "application/json"? Or just check if "application/json" is in the Content-Type.

3lpsy avatar Dec 11 '19 19:12 3lpsy