Back to directory
WRITEUP #1063

Exploiting HTTP Parsers Inconsistencies

SSRFParsing issueWAF bypassDesync attackCache poisoning attack
by@rafabyte_(Rafael da Costa Santos)
Program
NginxAWSSpring BootFlaskPHP
Published
Jun 17, 2023
Added to HackDex
Oct 3, 2023
Read Full Writeuphttps://rafa.hashnode.dev/exploiting-http-parsers-inconsistencies
RELATED WRITEUPS
Listen to the whispers: web timing attacks that actually work
SSRFTiming attack
Directory Traversal, SQL Injection and Server-Side Request Forgery
SQL InjectionPath traversal
IIS welcome page to source code review to LFI!
SSRFLFI
NTLM Credential Theft in Python Windows Applications
SSRFNTLMv2 hash disclosure
Vulnerabilities in Homepage Dashboard
RCESSRF

Built with ❤️ by Shubham Rawat