SSRF via FFMPEG II

Bookmarked!

This exercise covers how you can read arbitrary files when an application uses ffmpeg to render videos from a video you provide

PRO
Tier
Hard
< 1 Hr.
0
Media Badge

In this lab, you will explore a Server Side Request Forgery (SSRF) vulnerability within a web application that uses FFMPEG for video encoding. SSRF vulnerabilities allow attackers to manipulate a server into making unauthorized requests on their behalf. This particular challenge is inspired by a talk at BlackHat, which demonstrated how SSRF can be exploited in video converters.

Your task is to exploit this vulnerability to leak the content of the file /app/key.txt, which contains the key needed to complete this challenge. Unlike previous challenges, you won’t get direct access to the created file. Instead, you must use an out-of-bound method to exfiltrate the file's content. The tool FFmpeg-HLS-SSRF can be used to accomplish this, but you can also build your own exploit if you prefer. Only the first line of the file is needed to retrieve the key, simplifying the exploitation process.

Want to learn more? Get started with PentesterLab Pro! GOPRO