NA

CVE-2023-27163

Published: 31/03/2023 Updated: 11/08/2023
CVSS v3 Base Score: 6.5 | Impact Score: 5.2 | Exploitability Score: 1.2
VMScore: 0

Vulnerability Summary

request-baskets up to v1.2.1 exists to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name}. This vulnerability allows malicious users to access network resources and sensitive information via a crafted API request.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

rbaskets request baskets

Vendor Advisories

Check Point Reference: CPAI-2023-0476 Date Published: 14 Aug 2023 Severity: High ...

Mailing Lists

Request-Baskets version 121 suffers from a server-side request forgery vulnerability ...
Maltrail version 053 suffers from an unauthenticated remote code execution vulnerability ...

Github Repositories

this is a script that exploits the CVE-2023-27163 vulnerability which is request-basket SSRF

basketcraft this is a script that exploits the CVE-2023-27163 vulnerability which is an SSRF in the request-baskets version 121 SSRF on Request-Baskets (CVE-2023–27163) CVE-2023–27163 represents a critical Server-Side Request Forgery (SSRF) vulnerability that was identified in Request-Baskets, affecting all versions up to and including 121 This particular vulne

To assist in enumerating the webserver behind the webserver SSRF CVE-2023-27163

Thank you to @beet1e(githubcom/b33t1e) from Shanghai Jiao Tong University and @chenlibo147 , @houqinsheng, 202037049@mailsdueducn from Shandong University Please review notessjtueducn/s/MUUhEymt7# for indepth information about the SSRF vulnerability (CVE-2023-27163) This code is for enumerating the internal server using the SSRF in request-baskets If a

PoC CVE-2023-27163, SSRF, request-baskets hasta v1.2.1

CVE-2023-27163 PoC CVE-2023-27163, SSRF, request-baskets hasta v121 Ejemplo de uso my_scriptsh -i 101011111 -f 'localhost:80' -t 10101427 -i ip de servidor victima -f ip o dirección a donde dirigir las conexiones producidas por el SSRF -t en esta opción va su ip local o la ip atacante, para generación del archivo revsh, exponer el archiv

Walkthrough for the retired HTB machine 'Sau'

sau HTB retired machine | Linux (easy) First, we perform an nmap scan to detect various services 22/tcp open ssh OpenSSH 82p1 Ubuntu 4ubuntu07 (Ubuntu Linux; protocol 20) | ssh-hostkey: | 3072 aa8867d7133d083a8ace9dc4ddf3e1ed (RSA) | 256 ec2eb105872a0c7db149876495dc8a21 (ECDSA) |_ 256 b30c47fba2f212ccce0b58820e504336 (ED25519) 80/tcp filtered http 8338/

CVE-2023-27163 - Request Baskets SSRF

CVE-2023-27163 - Request Baskets SSRF Request Baskets SSRF PoC Request Baskets versions <121 are vulnerable to Server Side Request Forgery (SSRF) attacks via the /api/baskets/{name} component usage git clone githubcom/rvizx/CVE-2023-27163 cd CVE-2023-27163 chmod +x exploitsh /exploitsh <target_url> &a

CVE-2023-27163

CVE-2023-27163 CVE-2023-27163

Writeup of the room called "Sau" on HackTheBox done for educational purposes.

Sau First I started a scan with nmap to discover the open services on the target host $ sudo nmap -sS -Pn --max-retries 1 --min-rate 20 -p- 101011224 [sudo] password for kali: Starting Nmap 793 ( nmaporg ) at 2023-09-11 14:25 CEST Warning: 101011224 giving up on port because retransmission cap hit (1) Nmap scan report for 101011224 Host is up (0059s laten

Hack-The-Box-Sau WP

HTB-Sau 评级为easy,这个赛季打的第一个盒子。回顾来看确实很easy,但是在reverse shell的时候卡了很久。sh反向shell不行的时候就换一下其他的语言的反向shell。 拿到ip后nmap扫一下: nmap -sS -p- -Pn --open --min-hostgroup 1024 --min-parallelism 1024 -T4 -v 101011224 -sS SYN半连

A tool to perform port scanning using vulnerable Request-Baskets

CVE-2023-27163-InternalProber CVE-2023-27163-InternalProber is a powerful tool designed to help you to create a request basket and perform port scanning It automates the creation of new basket and then change the configuration for each port to perform port scanning on the internal IP address By leveraging this tool, you can efficiently discover potential security vulnerabili

Poc of SSRF for Request-Baskets (CVE-2023-27163)

CVE-2023-27163 Poc of SSRF for Request-Baskets (CVE-2023-27163) based on this code from entr0pie The PoC is expanded to fuzz the content of another web service (local or otherwise) and return the content of the files found Usage python3 CVE-2023-27163py <BaseURL>:<Port> -t <Target>:<Port> -w <wordli

SSRF Vulnerability Exploit for Request-Baskets (CVE-2023-27163) This repository presents an exploit demonstrating the Server-Side Request Forgery (SSRF) vulnerability identified as CVE-2023-27163 in the request-baskets project, up to version 121 Exploiting this vulnerability enables attackers to forward HTTP requests to an internal/private HTTP service How It Operates ? Thi

Requests Baskets (CVE-2023-27163) and Mailtrail v0.53

Automatic Exploit Summary The following exploit abuses Requests Baskets v121 SSRF vulnerability to forward the internal application running at 127001:80 to the external application at /pwned Once the Mailtrail v053 application has been forwarded it will execute a reverse shell command against it and within a few seconds the user should obtain a reverse shell onto the mac

Proof of Concept for Server Side Request Forgery (SSRF) in request-baskets (V<= v.1.2.1)

PoC of SSRF on Request-Baskets (CVE-2023-27163) This repository contains a Proof-of-Concept (PoC) for CVE-2023-27163, a Server-Side Request Forgery (SSRF) vulnerability discovered in request-baskets up to version 121 This vulnerability allows attackers to access network resources and sensitive information by exploiting the /api/baskets/{name} component through a crafted API

Python implementation of CVE-2023-27163

CVE-2023-27163 Python implementation of CVE-2023-27163 Installation To install the project dependencies, follow these steps: Clone the repository: git clone githubcom/your_username/your_repositorygit` Navigate into the project directory: cd your_repository Install the dependencies usi

HackTheBox-Sau Reconnaissance First, we use nmap to see what services and at what ports are open/active in the server As we can see, we found 4 ports 2 that are open which are 22 (SSH) and 55555 (Unknown), and then 2 that are filtered which are 80 (HTTP) and 8338 (Unknown) First i'd like to check if the open port other than SSH is a web or not And it is a web, and the

Golang PoC for CVE-2023-27163 Mailtrail Exploit

CVE-2023-27163 This code is meant for educational and white-hat purposes only The author takes no responsibility for anything you do with this YOUR ACTIONS ARE YOUR OWN

CVE-2023-27163 SSRF for Requests Baskets 121 This repository contains a Proof-of-Concept for CVE-2023-27163, a Server-Side Request Forgery (SSRF) vulnerability discovered in request-baskets up to version 121 Getting Started Executing program SSRF Execution python3 exploitpy -u 'requestsbasket/' -w wordlisttxt -s 'localhost/'

Proof-of-Concept for Server Side Request Forgery (SSRF) in request-baskets (<= v.1.2.1)

PoC of SSRF on Request-Baskets (CVE-2023-27163) This repository contains a Proof-of-Concept (PoC) for CVE-2023-27163, a Server-Side Request Forgery (SSRF) vulnerability discovered in request-baskets up to version 121 This vulnerability allows attackers to access network resources and sensitive information by exploiting the /api/baskets/{name} component through a crafted API

CVE-2023-27163 Request-Baskets v1.2.1 - Server-side request forgery (SSRF)

CVE-2023-27163 Request-Baskets v121 - Server-side request forgery (SSRF) request-baskets up to v121 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name} This vulnerability allows attackers to access network resources and sensitive information via a crafted API request Installation git clone githubcom/0xFTW/CVE-202

Embark on my CTFs Journey, where I document my conquests and lessons learned while navigating the dynamic challenges of Capture The Flag contests. From cracking codes to outsmarting puzzles, join me in exploring the diverse landscape of cybersecurity challenges.

Description Welcome to my personal Capture The Flags (CTFs) repository! This repository is created to track my progress, achievements, and detailed notes regarding cybersecurity challenges, especially on popular platforms like TryHackMe, Hack The Box and Rootme Contents This repository contains an organized list of CTF Machines that I have successfully exploited Each entry in

For the first time, a vulnerability scanning program for Android using Python libraries python3, kivy, kivymd, requests, android, jnius, kivmob, pyjnius, argparse, pwn, bs4, kivyauth

Vulnerability-checking-program-for-Android For the first time, a vulnerability scanning program for Android using Python libraries python3, kivy, kivymd, requests, android, jnius, kivmob, pyjnius, argparse, pwn, bs4, kivyauth This project is under development, please refer to this page to see the update This software has been created purely for the purposes of academic research

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

PoC in GitHub 2023 CVE-2023-0045 (2023-04-25) The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall The ib_prctl_set &nbsp;function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bi