Merge pull request The-Art-of-Hacking#164 from The-Art-of-Hacking/san…

…tosomar-patch-7 Update ssrf_galatic_archives.py
madhuveeramalla6 · Jul 4, 2023 · 8ef5602 · 8ef5602
2 parents af55514 + 1c53606
commit 8ef5602
Showing 1 changed file with 2 additions and 3 deletions.
diff --git a/web_application_testing/ssrf_galatic_archives.py b/web_application_testing/ssrf_galatic_archives.py
@@ -6,11 +6,10 @@
 import requests
 
 # The URL of the vulnerable web service.
-vulnerable_url = 'http://127.0.0.1:5000'
+vulnerable_url = 'http://10.6.6.20:5000'
 
 # The internal URL that the attacker wants to access.
-# AWS EC2 instances use this URL to provide instance metadata.
-# This data should be inaccessible from outside the EC2 instance.
+# This is to simulate that this data (secret.txt) should be inaccessible from attacker's network.
 internal_url = 'https://internal.secretcorp.org/secret.txt'
 
 # The attacker constructs the exploit URL by appending the internal URL