Kotlin SSRF From Untrusted URL
Description
Detects Server-Side Request Forgery (SSRF) vulnerabilities in Kotlin code where untrusted URL inputs are used in network requests. This vulnerability could allow attackers to make the application send requests to arbitrary destinations, potentially accessing internal services or sensitive data.
Detection Strategy
• Check if code imports networking libraries like java.net, okhttp, or similar HTTP client libraries
• Look for network request functions like URL(), HttpURLConnection, OkHttpClient.newCall()
• Identify when URLs or hostnames used in these requests come from untrusted sources like user inputs or external data
• Report a vulnerability when untrusted URL inputs flow into network request functions without proper validation
Vulnerable code example
import io.ktor.server.application.*
import io.ktor.server.request.*
import java.net.URL
fun processFileUrl(call: ApplicationCall) {
    val fileUrl = call.request.queryParameters["fileUrl"]
    // VULNERABLE: Direct use of user input in URL creation allows SSRF
    URL(fileUrl).openConnection().connect()
}
✅ Secure code example
import io.ktor.server.application.*
import io.ktor.server.request.*
import java.net.URL
import java.io.IOException
fun processFileUrl(call: ApplicationCall) {
    val fileUrl = call.request.queryParameters["fileUrl"]
    fileUrl?.let {
        // Body completed for this edit (the page truncates it): assumed allowlist of one https host
        try {
            val url = URL(it)
            if (url.protocol == "https" && url.host == "files.example.com") url.openConnection().connect()
        } catch (e: IOException) { /* malformed URL or connection failure */ }
    }
}
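The checks that "proper validation" of an untrusted URL should cover are spread across several steps (scheme, userinfo, port, host allowlist, and the addresses the host actually resolves to). The following is an added example written for this edit; it is not Fluid Attacks' code nor part of the page's detection rule. The hostnames in ALLOWED_HOSTS, the helper names (validateFetchUrl, fetchValidated, isInternalAddress) and the sample inputs in main() are all constructed for illustration.

```kotlin
import java.net.HttpURLConnection
import java.net.InetAddress
import java.net.URI
import java.net.URISyntaxException
import java.net.UnknownHostException

// Constructed sample allowlist: the only destinations this service may fetch from.
val ALLOWED_HOSTS: Set<String> = setOf("files.example.com", "cdn.example.com")
val ALLOWED_SCHEMES: Set<String> = setOf("https")

sealed class UrlCheck {
    data class Ok(val uri: URI) : UrlCheck()
    data class Rejected(val reason: String) : UrlCheck()
}

// Addresses a server-side fetch must never reach, whatever name they were resolved from.
fun isInternalAddress(addr: InetAddress): Boolean {
    val bytes = addr.address
    // IPv6 unique-local (fc00::/7) is not covered by isSiteLocalAddress, so test it explicitly.
    val ipv6Ula = bytes.size == 16 && (bytes[0].toInt() and 0xfe) == 0xfc
    return addr.isLoopbackAddress || addr.isAnyLocalAddress || addr.isLinkLocalAddress ||
        addr.isSiteLocalAddress || addr.isMulticastAddress || ipv6Ula
}

// Validates an untrusted URL string before it is allowed anywhere near a network call.
fun validateFetchUrl(raw: String?): UrlCheck {
    if (raw.isNullOrBlank()) return UrlCheck.Rejected("missing url")
    val uri = try {
        URI(raw.trim())
    } catch (e: URISyntaxException) {
        return UrlCheck.Rejected("malformed url")
    }
    val scheme = uri.scheme?.lowercase() ?: return UrlCheck.Rejected("relative url")
    if (scheme !in ALLOWED_SCHEMES) return UrlCheck.Rejected("scheme not allowed: $scheme")
    // user:pass@ and explicit ports are common ways a different destination slips past a naive check.
    if (uri.rawUserInfo != null) return UrlCheck.Rejected("userinfo not allowed")
    if (uri.port != -1 && uri.port != 443) return UrlCheck.Rejected("port not allowed: ${uri.port}")
    val host = uri.host?.lowercase()?.trimEnd('.') ?: return UrlCheck.Rejected("no host")
    if (host !in ALLOWED_HOSTS) return UrlCheck.Rejected("host not allowed: $host")
    // Even an allowlisted name is checked after resolution, so a record pointing inward is refused.
    val addresses = try {
        InetAddress.getAllByName(host)
    } catch (e: UnknownHostException) {
        return UrlCheck.Rejected("unresolvable host: $host")
    }
    if (addresses.any(::isInternalAddress)) return UrlCheck.Rejected("host resolves to an internal address")
    return UrlCheck.Ok(uri)
}

// Performs the fetch only for a validated URL. Redirects are not followed, so the
// allowlist cannot be bypassed by a 3xx from an allowed host to an internal one.
fun fetchValidated(raw: String?): Int? {
    val checked = validateFetchUrl(raw)
    if (checked is UrlCheck.Rejected) {
        println("rejected: ${checked.reason}")
        return null
    }
    val uri = (checked as UrlCheck.Ok).uri
    val conn = uri.toURL().openConnection() as HttpURLConnection
    conn.instanceFollowRedirects = false
    conn.connectTimeout = 3_000
    conn.readTimeout = 3_000
    return try {
        conn.responseCode
    } finally {
        conn.disconnect()
    }
}

fun main() {
    // Constructed inputs. Only the first passes the static checks; when run offline it is then
    // rejected at the resolution step, which is the intended fail-closed behaviour.
    listOf(
        "https://files.example.com/report.pdf",
        "http://files.example.com/report.pdf",
        "https://user@files.example.com/",
        "https://files.example.com:8080/",
        "https://localhost/admin",
        "file:///tmp/example.txt",
        "not a url at all",
    ).forEach { println("$it -> ${validateFetchUrl(it)}") }
}
```

Two caveats worth keeping in mind when adapting this. First, resolving the host in the validator and then letting the HTTP client resolve it again leaves a window in which the DNS answer can change (DNS rebinding); if that matters for your threat model, connect to the address you validated rather than to the name, or use a client that lets you inspect the socket address at connect time. Second, the redirect setting belongs in the client, not only in this one call: with OkHttp the equivalent is OkHttpClient.Builder().followRedirects(false), and every response that is a redirect must be treated as a new untrusted URL and pushed through validateFetchUrl again before it is followed.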