Greeting Everyone ! Hope All Going good Today In this Blog post we are going to share Our Finding which encountered Internal IP disclosure cause able to extract full source code of website . We will discuss two scenario Of our testing period how we are security Team of securium solutions able to bypass All Restriction of website And cause Stored XSS, And dump full source code .
Before Start One Day me and our security Team we testing On site which is protected through Go daddy firewall if it detect some malicious activity it blocked Our IP! Uffff! Getting stuck we are unable to perform our testing because usually It blocked particular IP for 20 Minute .
Now lets Start !
After lot of try we are unable to properly communicate and we tried to Find some other way and then we simply went to censys.io and lets have One try .
Here we can’t expose our Target but we can call target.evisa.gov.bla so we simply search If there some Information is present In censys.io and we are Lucky ! We got origin IP Of server Now we smiled and hope for good !
Finally Now we can server Site With Origin IP which Is Not protected Through Firewall And after We encountered XSS, SQLI, Auth bypass Issue .
This is how shodan , censys.io Allow us to bypass Some Restriction By accessing Internal IP Or Other Information . Hope You Enjoyed This Finding !
Recommendation :
change the IP address of the server. In this case, DNS would serve an address of the proxy server, and the address of the original server would remain confidential.
Delete all DNS records that are not used. As you know, once something ends up on the Internet, it stays there forever. This is also true for DNS records.
Thanks For Reading……. See You In Another Blog!
Stick With Our Blog : https://securiumsolutions.com/
Author : Pallab Jyoti Borah | VAPT Analyst
