# SSRF Vulnerability Exploit for Request-Baskets (CVE-2023-27163)

This repository presents an exploit demonstrating the Server-Side Request Forgery (SSRF) vulnerability identified as [CVE-2023-27163]( in the [request-baskets]( project, up to [version 1.2.1]( Exploiting this vulnerability enables attackers to forward HTTP requests to an internal/private HTTP service.

## How It Operates ?

This exploit calls the API component `/api/baskets/{name}`. This component creates a new basket with a specified name. This component initiates a POST request with a specified body schema.

  "forward_url": "",
  "proxy_response": false,
  "insecure_tls": false,
  "expand_path": true,
  "capacity": 250

If we change the `forward_url` to a local service and set the `proxy_response` to `true`, we can create a local proxy for HTTP requests on the targeted machine.
## Usage

python3 <public_url> <targeted_url>

This exploit has been coded for the HTB machine `Sau`.