This kind of bug was interesting, but I was stuck in understanding some of these two points.
- What if there was no load balancer or reverse proxy is this bug still exploitable?
- Is there any specific endpoints to look for?
Thanks,
Iheb Hamad
This kind of bug was interesting, but I was stuck in understanding some of these two points.
Thanks,
Iheb Hamad
If you’re thinking about the recently popularised HTTP Desync attack technique, then there does need to be a load balancer, reverse proxy or similar in place - otherwise, what two systems would you desynchronize?
Usually you want to look for POST forms, namely the login page.
@Waike I have gone through portswigger tutorial and if we get 404 for hopefully404 Turbo Intruder script than does it means Http-request-smuggling is successful.
My thought: Why we get 404 is because smuggled Get request is also responded via Post request
Thanks