SSRF in PDF generation

Bookmarked!

This exercise covers how you can read arbitrary files when an application generates pdfs from provided links

PRO Easy < 1 Hr. 916 Media Badge

Course

In this lab, you'll explore a Server Side Request Forgery (SSRF) vulnerability using Weasyprint to gain unauthorized access to internal resources by crafting a malicious HTML page. You'll learn how to embed files within a PDF and extract them using zlib.

Skills covered

Injection Client Side Operating System Network

Included with PRO

Full course content 1 video

Ready to practice?

Get access to this lab and 600+ hands-on exercises with a PRO subscription.

Go PRO or create a free account