Request Smuggling

web_attacks crlf crlf http_verb_tampering it_happens_sometimes

Request Smuggling is a request that is interpreted as two by the back-end while the others only saw one request.

This often works by injecting something in the HTTP Headers.

One specific sub-attack is called CRLF Injection. For instance, it may be used to corrupt logs by inserting malicious logs.

Another kind of attack exploiting HTTP Headers is called Verb Tampering. If the webserver is misconfigured or the code contains logic flaws, another HTTP method might be accepted while we are denied access with the 'intended' HTTP methods.

  • Ex: A website expecting a POST request but using $_REQUEST may be vulnerable to injection using GET (Refer to Logic Flaws)

  • Ex: A website using .htaccess to request a password might be misconfigured and bypassed using GETS or PUT etc.

πŸ‘» To-do πŸ‘»

Stuff that I found, but never read/used yet.