Skip to content

Create ssrf_localdata.cs #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
apsscolari wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Create ssrf_localdata.cs #1

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
78 changes: 78 additions & 0 deletions ssrf_localdata.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,78 @@
// this is SSRF sample code using local data as input, CodeQL will not detect that because of the default threat model
using System;
using System.Net;
using System.Text;
using System.Linq;

// Simple NameValue class to hold parameter pairs
public class NameValue
{
public string name;
public string value;

public NameValue(string name, string value)
{
this.name = name;
this.value = value;
}
}

class Program
{
static void Main(string[] args)
{
// Sample call to the ProxyPostRequest method
var parameters = new NameValue[]
{
new NameValue("foo", "bar"),
new NameValue("hello", "world")
};

string url = "http://httpbin.org/post"; // Use a test endpoint
var result = ProxyPostRequest(url, parameters);

Console.WriteLine("Response:\n" + result);
}

// A method to simulate UrlEncode (very basic)
static string UrlEncode(string s) => Uri.EscapeDataString(s);

// Simulate trace logging
static void TraceWrite(string s) => Console.WriteLine("[TRACE] " + s);

// Simple null guard
static void GuardArgumentNotNull(object o, string name)
{
if (o == null)
throw new ArgumentNullException(name);
}

public static string ProxyPostRequest(string url, NameValue[] parameters)
{
GuardArgumentNotNull(url, "url");
GuardArgumentNotNull(parameters, "parameters");

string stringData = string.Join("&", parameters.Select(
p => string.Format("{0}={1}", UrlEncode(p.name), UrlEncode(p.value))));

TraceWrite(string.Format("Proxying POST request: {0}", url));
TraceWrite(stringData);

var data = Encoding.UTF8.GetBytes(stringData);
var webRequest = (HttpWebRequest)WebRequest.Create(url);
webRequest.Method = "POST";
webRequest.Timeout = 600000; // 10 min

using (var stream = webRequest.GetRequestStream())
{
stream.Write(data, 0, data.Length);
}

using (var response = (HttpWebResponse)webRequest.GetResponse())
using (var reader = new System.IO.StreamReader(response.GetResponseStream()))
{
string responseText = reader.ReadToEnd();
return responseText;
}
}
}