Module Has Been Removed!

HTTP request smuggling

HTTP request smuggling is a web attack technique that exploits inconsistencies in the way different servers or components (like proxies and front-end/back-end servers) handle HTTP requests. By crafting malicious requests using conflicting headers (such as `Content-Length` and `Transfer-Encoding`), attackers can "smuggle" hidden requests past security controls. This can lead to various issues, including cache poisoning, session hijacking, and unauthorized access, making it a serious threat in modern web applications.

Task 1 HTTP request smuggling

Scenario:
You are a penetration tester auditing the web application craw.in. You've identified a potential discrepancy in how the front-end server and the back-end server are interpreting HTTP requests. Your goal is to exploit this difference.

Answer The Questions

Question 1.
You observe the web server returns different response when sending the same request twice. What Header causing an inconsistent request handling?

Question 2.
You suspect CL.TE request smuggling. What does CL stand for?

Question 3.
Still suspected CL.TE request smuggling. What does TE stand for?

Question 4.
What encoding method used in Transfer-Encoding header?

Question 5.
The back-end server appears to be vulnerable to a CL.TE attack. What is the primary goal of exploiting this vulnerability?

Question 6.
In a successful CL.TE attack, what is smuggled?

Question 7.
You want to cause denial of service by crashing the server. What header can you manipulate to make the smuggled request invalid?

Question 8.
You want to redirect users to malicious website. Which header you need to control using http request smuggling to redirect to malicious website?

Question 9.
The application uses session cookies. What is the name of the header where the cookies usually sent in?

Question 10.
You successfully smuggled a request that captures another user's session cookie. What is the name for this attack?

Question 11.
What is the general term for vulnerabilities that arise from inconsistencies in how different parts of an application process HTTP requests?

Question 12.
After identifying a potential smuggling vulnerability, what's a common first step to confirm its exploitable?

Question 13.
To exploit request smuggling, what is the minimum number of HTTP requests you typically need to send in quick succession?

HTTP request smuggling

Task 1 HTTP request smuggling

Email Verification Required

Admin Panel