HTTP Request Smuggling – H2 CRLF Injection
In this next lab, we have to go a bit deeper into the differences between how HTTP/1.1 and HTTP/2 are[…]
Read morePlay for serendipity…
In this next lab, we have to go a bit deeper into the differences between how HTTP/1.1 and HTTP/2 are[…]
Read moreIn the previous lab we looked at a H2.TE vulnerability. To exploit, we needed to upgrade the request from HTTP/1.1[…]
Read moreThis is a unique attack and takes advantage of an implementation that accepts HTTP/2 requests but then downgrades the requests[…]
Read moreIn this post, we’re going to be looking at utilizing the headers within a smuggled request to fire a cross[…]
Read moreWe’re getting to the good stuff now! We’ve moved past theory again with this lab and now we’re using a[…]
Read more