Skip to content

SafeBreach-Labs/HRS

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
smuggle.pl
smuggle.pl
 
 

Repository files navigation

HRS

Author: Amit Klein, Safebreach.

HTTP Request Smuggling demonstration Perl script, for variants 1, 2 and 5 in my BlackHat US 2020 paper HTTP Request Smuggling in 2020.

Running: smuggle.pl host port variant(1/2/5) POST_path target_path poison_path

Examples:

  • Variant 1 (Header SP junk): smuggle.pl www.example.com 80 1 /hello.php /welcome.html /poison.html
  • Variant 2 (Header SP junk + Wait): smuggle.pl www.example.com 80 2 /hello.php /welcome.html /poison.html
  • Variant 5 (CR Header + Wait): smuggle.pl www.example.com 80 5 /hello.php /welcome.html /poison.html

About

No description, website, or topics provided.

Resources

Readme

License

BSD-3-Clause license
Activity
Custom properties

Stars

49 stars

Watchers

5 watching

Forks

8 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages