Java Ssrf External Request Url Builder
Description
Detects Server-Side Request Forgery (SSRF) vulnerabilities in Java applications where untrusted URL strings are used to make external network requests. This could allow attackers to make the server send requests to arbitrary destinations, potentially accessing internal services or causing denial of service.
Detection Strategy
• Checks if the Java code imports classes from the java.net package
• Identifies URL construction using untrusted or user-controlled input
• Looks for URLs being used to make external network requests without proper validation
• Reports a vulnerability when an untrusted URL string flows into a network request operation
Vulnerable code example
import java.net.URL;
import jakarta.servlet.http.HttpServletRequest;

public class VulnerableSSRF {
    public void processUrl(HttpServletRequest request) throws Exception {
        String userUrl = request.getParameter("url");
        // VULNERABLE: Directly using user input to create URL without validation
        URL url = new URL(userUrl);
        // ... (the remainder of the original example is not shown on the page)
    }
}
✅ Secure code example
import java.net.URL;
import java.net.URI;
import jakarta.servlet.http.HttpServletRequest;
import java.util.Set;
import java.util.regex.Pattern;

public class SecureSSRF {
    // Whitelist of allowed domains
    // ... (the remainder of the original example is not shown on the page)
}
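The secure example above is cut off right after the allow-list comment, so the following is an added, self-contained illustration of the control the detection strategy expects: the untrusted string is parsed into a java.net.URI and every component (scheme, userinfo, host, port) is checked against a fixed allow-list before any network request is made. This is example code written for this page, not the rule's own reference implementation; the class name, the host names in ALLOWED_HOSTS, and the use of java.net.http.HttpClient for the outbound call are assumptions. The sample inputs in main() are constructed to show which shapes of input the validator accepts and rejects.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.time.Duration;
import java.util.Locale;
import java.util.Set;

public class SafeOutboundFetcher {
    // Constructed allow-list of hosts this service is permitted to call (assumed values).
    private static final Set<String> ALLOWED_HOSTS = Set.of("api.example.com", "cdn.example.com");
    private static final int ALLOWED_PORT = 443;

    /**
     * Parses the untrusted string and returns a normalised URI, or throws
     * IllegalArgumentException when any component falls outside the allow-list.
     * The checks run on the parsed URI, not on the raw string, so inputs such as
     * "https://api.example.com@10.0.0.1/" or "https://api.example.com.evil.test/"
     * are caught by the host comparison instead of slipping past a prefix match.
     */
    public static URI validate(String userUrl) {
        if (userUrl == null || userUrl.isBlank() || userUrl.length() > 2048) {
            throw new IllegalArgumentException("url missing or too long");
        }
        URI uri;
        try {
            uri = new URI(userUrl.trim()).normalize();
        } catch (URISyntaxException e) {
            throw new IllegalArgumentException("url is not well formed");
        }
        // Scheme: only https; this also rejects file:, ftp:, gopher: and relative references.
        if (!uri.isAbsolute() || !"https".equals(uri.getScheme().toLowerCase(Locale.ROOT))) {
            throw new IllegalArgumentException("only https is allowed");
        }
        // Userinfo ("user@host") is never legitimate here and is a classic way to fool string checks.
        if (uri.getRawUserInfo() != null) {
            throw new IllegalArgumentException("credentials in url are not allowed");
        }
        // Host: exact, case-insensitive match against the allow-list (IP literals never match).
        String host = uri.getHost();
        if (host == null || !ALLOWED_HOSTS.contains(host.toLowerCase(Locale.ROOT))) {
            throw new IllegalArgumentException("host not in allow-list");
        }
        // Port: default (-1) or the one explicitly allowed.
        if (uri.getPort() != -1 && uri.getPort() != ALLOWED_PORT) {
            throw new IllegalArgumentException("port not allowed");
        }
        return uri;
    }

    /** Performs the outbound request only after validate() has accepted the URL. */
    public static String fetch(String userUrl) throws Exception {
        URI target = validate(userUrl);
        HttpClient client = HttpClient.newBuilder()
                // A redirect from an allowed host could point at an internal address;
                // do not let the client follow it on its own.
                .followRedirects(HttpClient.Redirect.NEVER)
                .connectTimeout(Duration.ofSeconds(5))
                .build();
        HttpRequest request = HttpRequest.newBuilder(target)
                .GET()
                .timeout(Duration.ofSeconds(10))
                .build();
        HttpResponse<String> response = client.send(request, HttpResponse.BodyHandlers.ofString());
        return response.body();
    }

    public static void main(String[] args) {
        // Constructed sample inputs: the first two are accepted, the rest are rejected.
        String[] samples = {
            "https://api.example.com/v1/items?id=42",
            "HTTPS://CDN.example.com/logo.png",
            "http://api.example.com/",             // wrong scheme
            "https://api.example.com@127.0.0.1/",  // userinfo trick
            "https://api.example.com.evil.test/",  // suffix trick
            "https://api.example.com:8080/",       // port not allowed
            "file:///etc/passwd",                  // non-network scheme
            "https://[::1]/",                      // loopback literal
        };
        for (String s : samples) {
            try {
                System.out.println("allowed  " + validate(s));
            } catch (IllegalArgumentException e) {
                System.out.println("rejected " + s + " (" + e.getMessage() + ")");
            }
        }
    }
}
```

Two design points matter for this detector's finding. First, validation happens on the parsed URI components rather than on the raw string, which is what the rule's data-flow check is looking for: the value reaching the request operation has passed through an explicit allow-list decision. Second, the client is configured not to follow redirects, because an allow-listed host that answers with a 3xx to an internal address would otherwise turn a validated request back into an SSRF. A hostname allow-list does not by itself defend against DNS answers that resolve an allowed name to a private address; environments where that is a concern also need resolution-time checks or egress filtering at the network layer.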