Enable SSRF tests for PHP

DataDog · Jan 3, 2025 · f74db52 · f74db52
1 parent 1c17b00
commit f74db52
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 2 deletions.
diff --git a/manifests/php.yml b/manifests/php.yml
@@ -152,7 +152,18 @@ tests/:
       test_lfi.py: missing_feature
       test_shi.py: missing_feature
       test_sqli.py: missing_feature
-      test_ssrf.py: missing_feature
+      test_ssrf.py:
+        Test_Ssrf_BodyJson: v1.6.0
+        Test_Ssrf_BodyUrlEncoded: v1.6.0
+        Test_Ssrf_BodyXml: v1.6.0
+        Test_Ssrf_Capability: v1.6.0
+        Test_Ssrf_Mandatory_SpanTags: v1.6.0
+        Test_Ssrf_Optional_SpanTags: v1.6.0
+        Test_Ssrf_Rules_Version: v1.6.0
+        Test_Ssrf_StackTrace: v1.6.0
+        Test_Ssrf_Telemetry: v1.6.0
+        Test_Ssrf_UrlQuery: v1.6.0
+        Test_Ssrf_Waf_Version: v1.6.0
     waf/:
       test_addresses.py:
         Test_BodyJson: v0.98.1 # TODO what is the earliest version?

diff --git a/utils/build/docker/php/common/rasp/ssrf.php b/utils/build/docker/php/common/rasp/ssrf.php
@@ -1 +1,18 @@
-<?php echo "Hello, SSRF!";
+<?php
+
+$domain = null;
+$contentType = $_SERVER['CONTENT_TYPE'] ?? "";
+switch ($contentType) {
+	case 'application/json':
+		$body = file_get_contents("php://input");
+		$decoded = json_decode($body, 1);
+		$domain = $decoded["domain"];
+		break;
+	default:
+		$domain = urldecode($_REQUEST["domain"]);
+		break;
+}
+
+file_get_contents($domain);
+
+echo "Hello, SSRF!";