HTB_Labs:Sau

📰 Medium · Cybersecurity

Learn how to exploit a Server-Side Request Forgery (SSRF) vulnerability in Request-Baskets version 1.2.1 to access sensitive information

intermediate Published 19 Jun 2026

Action Steps

  1. Run an nmap scan to identify open ports and running services on a target machine
  2. Identify the version of Request-Baskets running on the target machine
  3. Exploit the SSRF vulnerability in Request-Baskets version 1.2.1 using the `/api/baskets/{name}` endpoint
  4. Use the `forward_url` parameter to interact with restricted internal network resources and access sensitive information
  5. Analyze the results of the exploit to identify potential security risks and vulnerabilities

Who Needs to Know This

This article is relevant to cybersecurity professionals and penetration testers who want to learn about exploiting SSRF vulnerabilities in web applications. It can help them improve their skills in identifying and exploiting vulnerabilities, and enhance their knowledge of web application security.

Key Insight

💡 SSRF vulnerabilities can be exploited to access sensitive information and interact with restricted internal network resources

Full Article

URL Source: https://medium.com/@sethiuddhav/htb-labs-sau-6ddfd5bc1922?source=rss------cybersecurity-5

Published Time: 2026-06-19T05:59:26Z

# HTB_Labs:Sau

[Uddhav Sethi](https://medium.com/@sethiuddhav?source=post_page---byline--6ddfd5bc1922---------------------------------------)

## Enumeration

![Image 3](https://miro.medium.com/v2/resize:fit:700/1*PCbhDxk_unipypxmQ2c7vQ.png)

I ran an nmap scan, which revealed SSH and a web service running.

![Image 4](https://miro.medium.com/v2/resize:fit:700/1*f0hkCrtfQ9VIjSkfQyEbMg.png)

Request-Baskets version 1.2.1 contains a critical Server-Side Request Forgery (SSRF) vulnerability via the `/api/baskets/{name}` endpoint. This flaw permits unauthenticated attackers to abuse the `forward_url` parameter, enabling them to interact with restricted internal network resources and access sensitive information.

Vulnerability Overview

* Vulnerability Type: Server-Side Request Forgery (SSRF)
* Affected Versions: `request-baskets <= 1.2.1`
* Assigned CVE: CVE-2023-27163
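
A defender-side check for the `forward_url` weakness described above, as an added example that is not from the original article or from the Request-Baskets project: it rejects a basket configuration whose `forward_url` points at a loopback, private, link-local or otherwise non-public address. The function names are hypothetical, and only the `forward_url` field is taken from the page.

```python
import ipaddress
import json
import socket
from urllib.parse import urlsplit


def _resolve(host):  # default resolver: every address the OS returns
    return sorted({ai[4][0] for ai in socket.getaddrinfo(host, None)})


def _is_internal(addr):
    ip = ipaddress.ip_address(addr.split("%")[0])  # drop any IPv6 zone id
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # ::ffff:127.0.0.1 is really 127.0.0.1
    return (ip.is_loopback or ip.is_private or ip.is_link_local
            or ip.is_unspecified or ip.is_multicast or ip.is_reserved)


def check_forward_url(url, resolve=_resolve):
    """Return (allowed, reason) for a basket's forward_url value."""
    try:
        parts = urlsplit(url)
        host = parts.hostname
    except ValueError:
        return False, "malformed URL"
    if parts.scheme not in ("http", "https") or not host:
        return False, "not an absolute http(s) URL"
    try:
        addrs = [str(ipaddress.ip_address(host))]  # host is an IP literal
    except ValueError:
        try:
            addrs = resolve(host)  # hostname: check every address it maps to
        except OSError:
            addrs = []
    if not addrs:
        return False, "host does not resolve"
    bad = [a for a in addrs if _is_internal(a)]
    if bad:
        return False, "internal address: " + ", ".join(bad)
    return True, "ok"


def check_basket_config(body, resolve=_resolve):
    """Validate the forward_url field of a basket configuration (JSON text)."""
    url = json.loads(body).get("forward_url", "")
    if not url:
        return True, "no forwarding configured"
    return check_forward_url(url, resolve)
```

A check made when the configuration is saved does not cover DNS rebinding or HTTP redirects, so the forwarder should connect to the address that was validated and re-check any redirect target.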

SSRF is cal