Secureh

EasyWeb Security

Overview

Scenario
A PHP web application implements a simple internal routing mechanism that relies on HTTP headers to determine whether a request is allowed to access an internal service. The application attempts to restrict access by validating custom forwarded headers and enforcing domain suffix checks combined with hostname and port validation. However, due to insecure logic in header handling and weak SSRF protections, the system may allow attackers to manipulate forwarded values and bypass intended restrictions.
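The scenario above names three controls that often go wrong together: a domain suffix check, hostname and port validation, and trust in forwarded headers. The following Python is an added illustration written for this page, not the challenge's PHP source; the allow-listed suffix `internal.example`, the port set, the `10.0.0.0/8` internal range, the trusted proxy address and the `FAKE_DNS` table are all constructed assumptions so the code runs offline. It contrasts a plain string-suffix check with one that enforces the label boundary, validates the resolved address as well as the name, and only honours `X-Forwarded-For` when the direct peer is a trusted proxy.

```python
import ipaddress
from urllib.parse import urlsplit

# Policy values assumed for this example; the challenge's real ones are not on the page.
ALLOWED_SUFFIX = "internal.example"
ALLOWED_PORTS = {80, 443}
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
TRUSTED_PROXIES = {"10.0.0.1"}

# Constructed DNS table so the example runs offline. A real deployment would call
# socket.getaddrinfo() and apply the same check to every address it returns.
FAKE_DNS = {
    "api.internal.example": ["10.0.0.5"],
    "rogue.internal.example": ["203.0.113.9"],       # allow-listed name, unexpected address
    "evil-internal.example": ["203.0.113.10"],       # shares the suffix string, not the domain
    "internal.example.attacker.test": ["203.0.113.11"],
}


def weak_suffix_check(host: str) -> bool:
    """String-suffix check only: 'evil-internal.example' passes."""
    return host.endswith(ALLOWED_SUFFIX)


def strict_suffix_check(host: str) -> bool:
    """Exact domain, or a subdomain with the label boundary enforced."""
    host = host.lower().rstrip(".")
    return host == ALLOWED_SUFFIX or host.endswith("." + ALLOWED_SUFFIX)


def is_allowed_target(url: str, resolver=FAKE_DNS.get) -> tuple[bool, str]:
    """Return (allowed, reason). Scheme, host, port and resolved address must all pass."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, "scheme"
    host = parts.hostname  # parsed host only: userinfo, path and query never reach the check
    if not host or not strict_suffix_check(host):
        return False, "host"
    port = parts.port or (443 if parts.scheme == "https" else 80)
    if port not in ALLOWED_PORTS:
        return False, "port"
    addrs = resolver(host.lower().rstrip(".")) or []
    if not addrs:
        return False, "unresolvable"
    # Every resolved address must sit inside the expected internal network.
    if not all(ipaddress.ip_address(a) in INTERNAL_NET for a in addrs):
        return False, "address"
    return True, "ok"


def client_ip(headers: dict, peer_ip: str) -> str:
    """Honour X-Forwarded-For only when the direct peer is a trusted proxy,
    and then take the last entry, the one that proxy appended itself."""
    xff = headers.get("X-Forwarded-For", "")
    if peer_ip in TRUSTED_PROXIES and xff:
        return xff.split(",")[-1].strip()
    return peer_ip


if __name__ == "__main__":
    for url in ("http://api.internal.example/status",
                "http://evil-internal.example/",
                "http://rogue.internal.example/",
                "http://api.internal.example:8080/"):
        print(url, is_allowed_target(url))
```

The resolved-address check matters because a name under the allow-listed domain can still point anywhere its DNS owner chooses; validating the name alone, as the scenario's "hostname resolution" wording hints, is not sufficient. The forwarded-header rule is the same idea applied to the request side: a header any client can set carries no trust unless a proxy you control is known to have written it.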

Objective
Analyze the PHP source code and identify weaknesses in the SSRF protection logic. Exploit improper validation of forwarded headers and hostname resolution to bypass access restrictions and retrieve the internal content. Visit /challenge/ to access a machine containing the source code of an application located in the src directory. Your task is to fix the code to retrieve the flag. Make sure to read the rules before you begin.

Provided Files: None (black-box testing)

Infrastructure: PHP Web Application (Internal Service Access Control Simulation)
Flag Format: Flag{}

Job Positions

Penetration Tester

Tags

SSRF, OWASP Top 10, PHP, Source Code Review, HTTP Headers