HTTP request smuggling attack

This kind of bug was interesting, but I was stuck in understanding some of these two points.

  • What if there was no load balancer or reverse proxy is this bug still exploitable?
  • Is there any specific endpoints to look for?

Thanks,
Iheb Hamad

If you’re thinking about the recently popularised HTTP Desync attack technique, then there does need to be a load balancer, reverse proxy or similar in place - otherwise, what two systems would you desynchronize?

Usually you want to look for POST forms, namely the login page.

1 Like