GitBook: [master] one page and 3 assets modified

2024-11-24 21:53:54 +00:00 · 2021-03-23 01:08:47 +00:00 · 2021-03-23 01:08:47 +00:00 · bf817b3e5b
commit bf817b3e5b
parent b37bc52e68
4 changed files with 9 additions and 1 deletions
--- a/.gitbook/assets/image
+++ b/.gitbook/assets/image
--- a/.gitbook/assets/image
+++ b/.gitbook/assets/image
--- a/.gitbook/assets/image
+++ b/.gitbook/assets/image
--- a/pentesting-web/http-request-smuggling.md
+++ b/pentesting-web/http-request-smuggling.md
@ -124,10 +124,18 @@ Content-Length: 4
  
 1  
 A  
-X`
+0`

 Since the front-end server uses the `Content-Length` header, it will forward only part of this request, omitting the `X`. The back-end server uses the `Transfer-Encoding` header, processes the first chunk, and then waits for the next chunk to arrive. This will cause an observable time delay.

+Sometimes, instead of getting a timeout you receive a 400 bad request from the final host like in the following scenario, where a CL.TE payload is sent:
+
+![](../.gitbook/assets/image%20%28444%29.png)
+
+And the response is a redirect containing an error inside the body with even the version of the haproxy used:
+
+![](../.gitbook/assets/image%20%28443%29.png)
+
 ### Finding TE.CL vulnerabilities using timing techniques

 If an application is vulnerable to the TE.CL variant of request smuggling, then sending a request like the following will often cause a time delay: