Skip to content

Instantly share code, notes, and snippets.

Last active Apr 14, 2021
What would you like to do?
Minimal SSRF vulnerable python flask example application.
from flask import *
import requests
app = Flask(__name__)
def follow_url():
url = request.args.get('url', '')
if url:
return (requests.get(url).text)
return "no url parameter provided"
def home():
return '''<h1>SSRF</h1>
sudo apt install -y python3-pip
sudo pip3 install flask requests;
sudo FLASK_ENV=development python3 -m flask run --host= --port=80
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment