Lab: Confirming a CL.TE vulnerability via differential responses - HTTP Request Smuggling

  • Published on 29 Dec 2024

Comments • 15

  • @netletic  11 months ago +2

    Hey everyone! Check out this playlist for all my solutions to the HTTP Request Smuggling labs from PortSwigger - 👀
    th-cam.com/play/PLGb2cDlBWRUX1_7RAIjRkZDYgAB3VbUSw.html
    Here are the timestamps for this video - ⏱
    00:00 - Intro
    04:07 - Detect the CL.TE vulnerability
    06:09 - Confirm the CL.TE vulnerability with Differential Responses

  • @HarisAhmed-w4v  1 year ago +2

    I spent very much time understanding this lab and solved this a couple of times to clear the concept but things were unclear. After watching your few minutes of video my concepts are clear now. You explained it very well and in very much detail. Thanks a lot, SIR!!

    • @netletic  1 year ago

      Thank you @user-ii6do7ho6e! HTTP request smuggling is definitely challenging in the beginning, but I'm glad the video helped make the concepts a bit clearer. Good luck with the rest of the labs! ❤️

  • @HarisAhmed-w4v  1 year ago +1

    I spent very much time understanding this lab and the basic techniques behind it and solved the lab a couple of times but things were unclear. Your few minutes of video made my day... You explained it very well.............. Thanks a lot, Sir

  • @anonymousvevo8697  7 months ago +1

    amazing work, hope you do more videos like this

  • @ahmadawd6734  several months ago

    Thank you very much. I have only one question: in a real-case scenario most websites do not allow changing the request from GET to POST. However, we need this to send the attack request, which is the POST, and the normal request, which is the GET, so how can we do this if the websites prevent changing the request method? Can we do the attack using two POST requests (attack and normal)?

  • @pranjalruhela1103  1 year ago +2

    X-ignore is not a standard header, and without it the lab only gives 400, not the 404 we desire... I need to know what this custom header is doing... Is it somehow related to the newline not being present at the junction of the poison and the normal request... OH. To avoid an invalid request error.

    • @netletic  1 year ago

      Hey @pranjalruhela1103, indeed it's just there to prevent the GET request method from the normal request from being on the next line, as that would cause an invalid request error due to the double request method in the request on separate lines.
      You can pretty much pick any name instead of X-Ignore, I just use X-Ignore as a standard as it's not a common header name that's used elsewhere, sometimes I use "Foo" or my own name instead 😝
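
The parsing behaviour discussed in the X-Ignore exchange above, as an added example that is not part of the video or of anyone's comment: a toy back-end parser that reads the bytes left over on a connection followed by the next request. The function names, the host `lab.example` and the route table are assumptions made for the illustration; it shows why a leftover prefix that ends after its request line produces a 400, while one that ends inside an unterminated header produces the 404.

```python
# Added illustration: how a back end reads leftover bytes on a reused
# connection followed by the next request. All values are constructed.

LEFTOVER_NO_HEADER = b"GET /404 HTTP/1.1\r\n"               # ends right after the request line
LEFTOVER_WITH_HEADER = b"GET /404 HTTP/1.1\r\nX-Ignore: X"  # ends inside a header value, no CRLF
NEXT_REQUEST = b"GET / HTTP/1.1\r\nHost: lab.example\r\n\r\n"  # the normal follow-up request

KNOWN_PATHS = {"/"}  # assumption: the only route this toy back end serves


def parse_head(stream: bytes):
    """Parse one request head; return (method, path, headers) or raise ValueError."""
    head, sep, _ = stream.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete request head")
    lines = head.decode("ascii").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise ValueError("bad request line")
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        # A second request line such as "GET / HTTP/1.1" has no "name: value" shape.
        if not colon or not name or " " in name:
            raise ValueError(f"bad header line: {line!r}")
        headers[name.lower()] = value.strip()
    return parts[0], parts[1], headers


def backend_status(leftover: bytes, next_request: bytes = NEXT_REQUEST) -> int:
    """Status the toy back end returns for leftover bytes + the next request."""
    try:
        _, path, _ = parse_head(leftover + next_request)
    except ValueError:
        return 400  # the follow-up request line landed on its own line
    return 200 if path in KNOWN_PATHS else 404


def absorbed_header(leftover: bytes, next_request: bytes = NEXT_REQUEST) -> str:
    """X-Ignore value after concatenation; it contains the swallowed request line."""
    return parse_head(leftover + next_request)[2].get("x-ignore", "")
```
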

  • @bbnbvvb  3 months ago

    Hey man, please help me here. I have been trying to do this lab and following your steps without any deviation but I still can't solve the lab. What could be the issue?

  • @LMeasy  5 months ago

    nice bro thank you!!!

  • @warnawarni5227  1 year ago +1

    Best expln for http smuggle

    • @netletic  1 year ago

      thank you @warnawarni5227!

  • @YoBes-g9n  1 year ago +1

    The only question that comes into my mind right now is how can this affect a real-world environment??

    • @netletic  10 months ago

      Hey @user-xg2vm2cv2k, it depends, but there are a lot of high-criticality exploits that are possible if you find an HTTP request smuggling vulnerability. Later PortSwigger labs teach you how to find and exploit these - see portswigger.net/web-security/request-smuggling/exploiting. I have added solutions for all of the exploitation labs in my HTTP request smuggling playlist: th-cam.com/play/PLGb2cDlBWRUX1_7RAIjRkZDYgAB3VbUSw.html

    • @kallikantzaros  10 months ago

      For starters, you can smuggle requests and your normal visitors won't be able to visit the website; they will get poisoned responses like not found, timeouts, etc.