Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

camo.githubusercontent.com is vulnerable to ssrf. #105

Open
isuspendyou76219 opened this issue Nov 24, 2021 · 3 comments
Open

camo.githubusercontent.com is vulnerable to ssrf. #105

isuspendyou76219 opened this issue Nov 24, 2021 · 3 comments
Labels
bug

Comments

@isuspendyou76219
Copy link

isuspendyou76219 commented Nov 24, 2021
edited
Loading

Logs camo out of the following websites:

  • AOL
  • AOL 2
  • Amazon
  • Blogger
  • Delicious
  • DeviantART
  • DreamHost
  • Dropbox
  • eBay
  • Gandi
  • GitHub
  • GMail
  • Google
  • Hulu
  • Instapaper
  • Linode
  • LiveJournal
  • MySpace
  • NetFlix
  • New York Times
  • Newegg
  • Photobucket
  • Skype
  • Slashdot
  • SoundCloud
  • Steam Community
  • Steam Store
  • ThinkGeek
  • Threadless
  • Tumblr
  • Vimeo
  • Wikipedia
  • Windows Live
  • Woot
  • Wordpress
  • Yahoo
  • YouTube
@isuspendyou76219 isuspendyou76219 changed the title click here camo arbitrary code execution Nov 24, 2021
@isuspendyou76219
Copy link
Author

@isuspendyou76219 isuspendyou76219 changed the title camo arbitrary code execution camo is vulnerable to ssrf Nov 28, 2021
@isuspendyou76219 isuspendyou76219 changed the title camo is vulnerable to ssrf github.camo is vulnerable to ssrf Nov 28, 2021
@isuspendyou76219 isuspendyou76219 changed the title github.camo is vulnerable to ssrf camo.githubusercontent.com is vulnerable to ssrf. Nov 28, 2021
@isuspendyou76219
Copy link
Author

Actually blocking github camo from accessing github (you may get blocked too.)

@isuspendyou76219
Copy link
Author

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@isuspendyou76219