Pdfy Htb Writeup Upd -

The target application is a simple web service that takes a URL and generates a PDF preview of it. Server-Side Request Forgery (SSRF). Primary Tool: wkhtmltopdf (v0.12.5 or older).

Copy the public URL provided by Serveo (or use your direct VPN IP if reachable). Paste this URL into the input field on the web app. pdfy htb writeup upd

Example RPD format: HTBr00t_pr00f_d4t4_456abc The target application is a simple web service

Upon accessing the HTTP service on port 80, I found a default Apache web server page. However, further investigation revealed a peculiar directory listing at /pdfs/ , which seemed to host various PDF files. Copy the public URL provided by Serveo (or

Using DirBuster, we perform a directory brute-forcing attack on the web server and discover several directories, including /uploads , /download , and /admin . The /uploads directory seems to be used for storing user-uploaded files, while the /download directory appears to be used for downloading converted PDF files.