HTTP Request Smuggling - False Positives
- Published on 29 Sep 2024
- I had a chance to work together with Google Bug Hunters on a video regarding HTTP Request Smuggling false positives. This is the result.
I'm going to send here anyone that DMs me with a HRS false-positive
Thank you! Let's get these false positive reports out of the world!
Very great, you solved a very difficult puzzle... thanks so much 😍
You are welcome 😊
Hey! This video is great. I had a question. Are specific endpoints of a website vulnerable to HTTP Request smuggling, or is a website as a whole vulnerable to HTTP Request smuggling?
This vulnerability exists at a lower level than specific endpoints, so it will likely be all endpoints.
Great video - I understand the desync aspect but what I don't understand is how this could be exploited. From my current understanding, the worst that could happen is that another user gets the response to the request I smuggled in. For example I request /indext.html and smuggle /404.html. The user that sends the next request will receive my 404 response.
How could this behavior be leveraged to pose any harm outside of a DOS attack - giving as many people as possible 404s?
There are loads of ways of further weaponizing request smuggling. Here's a great article by PortSwigger: portswigger.net/web-security/request-smuggling/exploiting
Hi, what about servers like S3 (only for statics) under a balancer like F5? Does the vulnerability exist? Thanks
It all depends on the setup and whether the component is vulnerable. www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747/
Fourth comment
Yahoooooooo! Well done!
I really liked your video. Could you tell me which app you use to create the images? It looks very nice.
Thank you very much. I use the Adobe suite for all images shown.
Awesome content for cyber security 🔥🔥🔥
Thank you so much!
Great video dude... I really love these types of attacks, I also prefer not to scan and do most work manually..
Third Comment!
What an achievement!
Second Comment
Woohoo!
Great video, keep it up, bro 💜👊
Thank you!
I run across a lot of false positives with AWS load balancers.
Good to know! I read about this but wasn't able to reproduce myself. Didn't try for too long tho!
Great stuff, as always, mate! I definitely want to look into HTTP smuggling, and HTTP desync, more now. Thanks!
It's a very interesting vulnerability. I was mindblown by it at first!
@PinkDraconian thanks 👍🏼♥️
Really good explanation
Thank you Cristi, means a lot coming from you!
Loving this channel!!
Aww thanks!
🔥🔥🔥👍🏼
🧯🚒👩🚒
Very interesting video! 👍🏾 thanks for sharing
Thank you for watching!
How we spot the HTTP Request Smuggling Vulne .
There's a great PortSwigger academy article on this!
I needed that pipelining method thank you, hopefully it works out :)
Best of luck!
Request smuggling is so cool. Idk why but it’s one of my favorite attacks.
Same, I love this attack. I think it still has so much research potential as well!
@PinkDraconian 💯, James Kettle has some nice material on it. Still a ton left to be uncovered!
Thank you. I will subscribe.
Thanks for the sub!
How old are you, buddy?
I'm 22 :)
good stuff <3
Thanks
Thank you!
Thank you!
Very well explained! I earlier read PortSwigger's material about request smuggling, but this video basically clarified a lot of this topic :)
Thanks! Happy to hear that this video helped so much!