SSRF via FFMPEG
Bookmarked!This exercise covers how you can read arbitrary files when an application uses ffmpeg to render videos from a video you provide
In this lab, you will explore the Server Side Request Forgery (SSRF) vulnerability, which allows attackers to use a web application's functionality to access internal resources. The goal is to understand how to manipulate the server into making HTTP requests on your behalf, a technique that can be highly effective in various attack scenarios. This challenge is inspired by a presentation at BlackHat titled "Viral Video: Exploiting SSRF In Video Converters."
The application in this challenge uses FFMPEG to encode user-provided videos. By exploiting this functionality, you can leak the content of the file /app/key.txt
to retrieve the key for the challenge. You can either use the tool FFmpeg-HLS-SSRF
to get the file's content or build your own exploit. The task is simplified by requiring only the first line of the file to obtain the key.