Questions tagged [request-smuggling]

14 questions
3 votes, 2 answers

What does "connection" mean in context of request smuggling

I recently read about request smuggling. This is a very interesting attack that I didn't know about. A vulnerability to this was recently discovered at Slack, disclosed responsibly and a bounty was awarded. The linked article says: When the…
Ram Rachum
2 votes, 0 answers

What are NGINX reverse proxy users doing to prevent HTTP Request smuggling?

Since NGINX does not support sending HTTP/2 requests upstream, what are the present NGINX reverse proxy users doing to mitigate HTTP Request Smuggling vulnerability? I understand that the best way to prevent HTTP Request Smuggling is by sending…
Sai Vishnu
2 votes, 0 answers

HTTP smuggling: how can I do a PoC in big websites?

I try to find HTTP smuggling in big bug bounty program if I send this to the server POST /path HTTP/1.1 Host: subdomain.domain.com User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0 Connection: Keep-Alive Content-Length:…
eyal
2 votes, 0 answers

Force Apache Server/Tomcat to ignore Transfer-Encoding

I am trying to reproduce HTTP request smuggling using an Apache HTTP Server as a reverse proxy (using mod_proxy) and a Tomcat Server in the back-end. Is it possible to force either Apache Server or Tomcat to ignore Transfer-Encoding in requests (and…
Druckles
1 vote, 3 answers

Is HTTP Request Smuggling a concern when using load balancers?

CVE-2022-22720 (Apache HTTP Server 2.4.52 vulnerability) mentions that the risk is with HTTP Request Smuggling. My understanding of HTTP Request Smuggling is that a front server A transmits to a back server B a request. That request can be…
WoJ
1 vote, 1 answer

How to exploit HTTP Request Smuggling?

I set up the following lab using HAProxy and Gunicorn. Both "Smuggler.py" tool and "HTTP Request Smuggler" BurpSuite extension detected CL.TE vulnerability. I checked it manually by sending below request: Here is the request in HAProxy: and, this…
0 votes, 1 answer

Are there HTTP/2 specific attacks different from request smuggling?

I'm researching information about HTTP/2 from a cybersecurity point of view for an article, and I wanted to include a section about attacks exclusive to HTTP/2 or where this protocol has a key role. I already got information about request smuggling…
kiratross
0 votes, 1 answer

Is HTTP Request Smuggling domain/subdomain wide or directory wide?

I have a pretty good understanding of HTTP Request Smuggling vulnerabilities but one thing I still need some clarification on is if they are domain/subdomain wide or directory wide? Here's what I mean: If HTTP Request Smuggling vulnerabilities arise…
ex7lted
0 votes, 0 answers

Can anti-CSRF Token prevent HTTP Request Smuggling?

What is the easiest way to prevent HTTP Request Smuggling? Can Anti-CSRF tokens prevent the server from processing the smuggled request? OR HTTP request smuggling is possible irrespective of any session id, cookie or token because back-end and…
Mary
0 votes, 1 answer

Content-Length based DoS

I was trying this, on a website where I was allowed to carry out testing by the site administrator. On failing to use two different headers (Site is beyond AWS and I am getting a 400), I tried the old way of using 2 different Content-Length…
Subbu
0 votes, 1 answer

Why the website can't understand my request in HTTP smuggling?

Hi, I started to find bug bounty vulnerabilities and I think I found a TE.CL vulnerability in a website. I send GET / HTTP/1.1 Transfer-Encoding: chunked Host: subdomain.domain.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64)…
0 votes, 1 answer

Nessus Plugin "HTTP Smuggling Detection" failing due to support for http/1.1 - how to overcome?

A new Nessus plugin (140735 - HTTP Smuggling Detection) was very recently incorporated into Tenable's PCI template and is now being flagged as a "medium" vulnerability and causing scans to fail. The only info in the scan report is: A web server…
B Robster
0 votes, 2 answers

HTTP Request Smuggling Basics

I am currently trying to learn HTTP Request Smuggling vulnerability to further enhance my pen testing skills. I have watched a couple of videos on YouTube and read articles online regarding it but still have a couple of questions in mind: What are…
Emanuel Beni
-1 votes, 2 answers

People say "false positives" in request smuggling. What does it mean?

I always see "false positives" or "false negatives" in HTTP request smuggling forum posts. What does it mean? Example: HTTP Desync Attacks: Request Smuggling Reborn
eyal