19 lines
374 B
Python
19 lines
374 B
Python
#!/usr/bin/env python3
|
|
# -*- coding: utf-8 -*-
|
|
"""SSRF example"""
|
|
|
|
import requests
|
|
from flask import Flask, request
|
|
|
|
app: Flask = Flask(__name__)
|
|
|
|
|
|
@app.route("/fetch-url", methods=["GET"])
|
|
def fetch_url():
|
|
url = request.args.get("url")
|
|
response = requests.get(url) # Vulnerable to SSRF
|
|
return response.text
|
|
|
|
|
|
if __name__ == "__main__":
|
|
app.run(debug=True)
|