C Sharp SSRF HTTP Client
Description
Detects Server-Side Request Forgery (SSRF) vulnerabilities in C# applications where untrusted user input is used in HttpClient request methods without proper validation. This could allow attackers to make unauthorized HTTP requests to internal or external resources through the server, potentially accessing sensitive information or internal services.
Detection Strategy
• Check whether the System.Net namespace (System.Net.Http in the examples below) is imported in the code
• Look for HttpClient method calls (GetAsync, PostAsync, GetStringAsync, etc.)
• Examine whether the URL parameter (the first argument) of these HTTP methods comes from an untrusted source such as user input
• Verify whether the URL parameter is sanitized or validated before use
• Report a vulnerability if all conditions are met: untrusted input flows into an HttpClient method without proper sanitization
Vulnerable code example
using System.Net.Http;
using System.Threading.Tasks;
public class ProxyService
{
private readonly HttpClient _httpClient = new HttpClient();
public async Task<string> FetchUrl(string url) ...
✅ Secure code example
using System;
using System.Linq;
using System.Net.Http;
using System.Threading.Tasks;
public class ProxyService
{
private readonly HttpClient _httpClient = new HttpClient();...
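The following is an added example, not Fluid Attacks' code and not the full text of the truncated snippets above. It places the vulnerable pattern the rule flags (a caller-supplied string passed straight to HttpClient) beside a hardened version that parses the URL first and then checks scheme, host allowlist, credentials and port on the parsed Uri. The class and method names (ProxyService, FetchUrlUnsafe, FetchUrlSafe), the AllowedHosts set and the example hostnames are assumptions made for illustration.

```csharp
// Added example (not Fluid Attacks' code). Names and the allowlist entries are
// illustrative assumptions, not values taken from the original page.
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Threading.Tasks;

public class ProxyService
{
    // AllowAutoRedirect = false: a permitted host could otherwise answer with a 3xx
    // that sends the server to an unchecked destination after the allowlist passed.
    private static readonly HttpClient _httpClient = new HttpClient(
        new HttpClientHandler { AllowAutoRedirect = false });

    // Assumed allowlist of the upstream hosts this service is meant to talk to.
    private static readonly HashSet<string> AllowedHosts =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase)
        {
            "api.example.com",
            "cdn.example.com",
        };

    // VULNERABLE: the untrusted 'url' reaches GetStringAsync unchecked, so whatever
    // the caller supplies is fetched with the server's network position and identity.
    // This is the shape the detection rule reports.
    public async Task<string> FetchUrlUnsafe(string url)
    {
        return await _httpClient.GetStringAsync(url);
    }

    // HARDENED: parse first, then decide on the parsed absolute Uri, never on the raw
    // string. The same Uri object that was checked is the one that is sent.
    public async Task<string> FetchUrlSafe(string url)
    {
        if (!Uri.TryCreate(url, UriKind.Absolute, out Uri target))
            throw new ArgumentException("URL must be absolute.", nameof(url));

        // Only https: rules out file:, ftp: and plaintext http.
        if (target.Scheme != Uri.UriSchemeHttps)
            throw new ArgumentException("Only https URLs are permitted.", nameof(url));

        // Exact-match allowlist on the parsed host. A StartsWith or Contains check on
        // the raw string is bypassable because the host is not where it appears to be.
        if (!AllowedHosts.Contains(target.Host))
            throw new ArgumentException("Host is not on the allowlist.", nameof(url));

        // Embedded credentials and non-default ports are not needed to reach the
        // intended API, so reject them rather than forward them.
        if (!string.IsNullOrEmpty(target.UserInfo) || !target.IsDefaultPort)
            throw new ArgumentException("Credentials and custom ports are not permitted.", nameof(url));

        using HttpResponseMessage response = await _httpClient.GetAsync(target);
        // With redirects disabled, a 3xx from the upstream surfaces here as a failure
        // instead of being followed to a destination the checks never saw.
        response.EnsureSuccessStatusCode();
        return await response.Content.ReadAsStringAsync();
    }
}
```

Two points worth keeping in mind when reviewing a fix like this. First, validation must run on the parsed Uri, not on the input string: a string check such as url.StartsWith("https://api.example.com") is satisfied by inputs whose actual host differs once parsed, which is why the hardened method checks target.Host. Second, a hostname allowlist is only as strong as name resolution; if the upstream hosts are under someone else's control, or if the allowlist must admit arbitrary public hosts, the resolved address should additionally be checked against loopback, link-local and private ranges at request time, and redirects should stay disabled so that check cannot be skipped.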