|
@@ -9,6 +9,8 @@
|
|
|
|
|
|
HTTP request smuggling is a technique for interfering with the way a web site processes sequences of HTTP requests that are received from one or more users.
|
|
HTTP request smuggling is a technique for interfering with the way a web site processes sequences of HTTP requests that are received from one or more users.
|
|
|
|
|
|
|
|
+![c](https://03c8.net/images/smuggler_poc.png)
|
|
|
|
+
|
|
Request smuggling vulnerabilities are often critical in nature, allowing an attacker to bypass security controls, gain unauthorized access to sensitive data, and directly compromise other application users.
|
|
Request smuggling vulnerabilities are often critical in nature, allowing an attacker to bypass security controls, gain unauthorized access to sensitive data, and directly compromise other application users.
|
|
|
|
|
|
#### Installing:
|
|
#### Installing:
|
|
@@ -43,9 +45,9 @@
|
|
|
|
|
|
![c](https://03c8.net/images/smuggler_detection2.png)
|
|
![c](https://03c8.net/images/smuggler_detection2.png)
|
|
|
|
|
|
|
|
+![c](https://03c8.net/images/smuggler_results.png)
|
|
|
|
+
|
|
![c](https://03c8.net/images/smuggler_exploit.png)
|
|
![c](https://03c8.net/images/smuggler_exploit.png)
|
|
|
|
|
|
![c](https://03c8.net/images/smuggler_exploit2.png)
|
|
![c](https://03c8.net/images/smuggler_exploit2.png)
|
|
|
|
|
|
-![c](https://03c8.net/images/smuggler_results.png)
|
|
|
|
-
|
|
|