This repository has been archived by the owner on Jul 6, 2024. It is now read-only.

IsPrivate Function Bypass #25

Open

aydinnyunus opened this issue Apr 27, 2024 · 0 comments

aydinnyunus commented Apr 27, 2024

Hi Team,

I found possible IsPrivate function bypass on aero framework on

Line 17 in f70e4d9

func isPrivateAddress(address string) (bool, error) {

PoC:

https://go.dev/play/p/r41I__AxFUN

If you give 0.0.0.0 which can be point to localhost, it can be bypassed

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.