Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2025-02-16 22:18:27 +00:00
Code Issues Projects Releases Packages Wiki Activity

GitBook: [master] 2 pages modified

Browse source
This commit is contained in:
CPol 2021-02-01 09:01:16 +00:00 committed by gitbook-bot
parent 2a48276696
commit 0611782f4c
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
2 changed files with 19 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
SUMMARY.md
View file

@ -181,6 +181,7 @@
* [69/UDP TFTP/Bittorrent-tracker](pentesting/69-udp-tftp.md)
* [79 - Pentesting Finger](pentesting/pentesting-finger.md)
* [80,443 - Pentesting Web Methodology](pentesting/pentesting-web/README.md)
* [Golang](pentesting/pentesting-web/golang.md)
* [Uncovering CloudFlare](pentesting/pentesting-web/uncovering-cloudflare.md)
* [Laravel](pentesting/pentesting-web/laravel.md)
* [Code Review Tools](pentesting/pentesting-web/code-review-tools.md)

18
pentesting/pentesting-web/golang.md Normal file
View file

@ -0,0 +1,18 @@
# Golang
### CONNECT method
In golang, the library net/http usually transforms the path to a canonical one before accessing it:
* /flag/ -- Is responded with a redirect to /flag
* /../flag --- Is responded with a redirect to /flag
* /flag/. -- Is responded with a redirect to /flag
However, when the CONNECT method is used this doesn't happen. So, if you need to access some protected resource you can abuse this trick:
```text
curl --path-as-is -X CONNECT http://gofs.web.jctf.pro/../flag
```
[https://github.com/golang/go/blob/9bb97ea047890e900dae04202a231685492c4b18/src/net/http/server.go\#L2354-L2364](https://github.com/golang/go/blob/9bb97ea047890e900dae04202a231685492c4b18/src/net/http/server.go#L2354-L2364)