{"id":17975082,"url":"https://github.com/initstring/switcheroo","last_synced_at":"2025-09-04T05:17:07.471Z","repository":{"id":130807620,"uuid":"201564961","full_name":"initstring/switcheroo","owner":"initstring","description":"  Universal LAN-based SSRF Attack Primitive","archived":false,"fork":false,"pushed_at":"2019-08-10T01:50:28.000Z","size":201,"stargazers_count":19,"open_issues_count":0,"forks_count":3,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-03-20T12:51:44.442Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://initblog.com/2019/switcheroo/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/initstring.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-08-10T01:49:57.000Z","updated_at":"2024-12-11T01:12:02.000Z","dependencies_parsed_at":"2023-05-18T13:46:42.929Z","dependency_job_id":null,"html_url":"https://github.com/initstring/switcheroo","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/initstring/switcheroo","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/initstring%2Fswitcheroo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/initstring%2Fswitcheroo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/initstring%2Fswitcheroo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/initstring%2Fswitcheroo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/ow
ners/initstring","download_url":"https://codeload.github.com/initstring/switcheroo/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/initstring%2Fswitcheroo/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273555459,"owners_count":25126316,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-04T02:00:08.968Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-29T17:18:09.897Z","updated_at":"2025-09-04T05:17:07.451Z","avatar_url":"https://github.com/initstring.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# switcheroo\n\n## Overview\nSwitcheroo is a POC demonstrating a universal SSRF strategy for LAN-based attacks against vulnerable SSDP services. One such service happens to be included in default installations of Microsoft Windows.\n\nYou can read the full details in my blog [here](https://initblog.com/2019/switcheroo).\n\n![flowchart](ssrf-diagram.jpg)\n\n## Utilization\nThe tool should be run from a Linux host with vulnerable systems on the same network segment. It will listen for SSDP multicast discover requests, replying to them with a fake device description URL. 
When the SSDP service on a vulnerable system accesses that URL, the tool will reply with an HTTP 301 redirect to an arbitrary URL that you provide with the `-u` option. This URL can be anything on any host (including localhost and protected networks).\n\nYou can tell switcheroo to reply only to a specific host by supplying the IP address of your target with `-t`. Or, run it \"karma-mode\" style with `-t \"*\"`.\n\nYou must also provide, with `-i`, the interface on which your attacking machine will host the HTTP redirect. By default, the HTTP server binds to port 8888, but you can change this with `-p`.\n\n**Full Help**\n```\nusage: switcheroo.py [-h] -i INTERFACE [-p PORT] -u URL -t TARGET\n\noptional arguments:\n  -h, --help            show this help message and exit\n  -i INTERFACE, --interface INTERFACE\n                        Network interface to listen on.\n  -p PORT, --port PORT  Port for HTTP server. Defaults to 8888.\n  -u URL, --url URL     Force target to perform a GET here\n  -t TARGET, --target TARGET\n                        Target victim. Enter an IP or \"*\"\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finitstring%2Fswitcheroo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Finitstring%2Fswitcheroo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finitstring%2Fswitcheroo/lists"}