Back to directory

WRITEUP #147

Gudifu: Guided Differential Fuzzing for HTTP Request Parsing Discrepancies

OtherWeb cache poisoningCPDoSHTTP request smugglingAccess control bypass

by@BahruzJabiyev(Bahruz Jabiyev)

Program

ATSNginxHAProxy

Published

Jul 25, 2024

Added to HackDex

Aug 6, 2024

Read Full Writeuphttps://spaces-cdn.owlstown.com/blobs/exmixv7d3xutvlj6ksq80zkv4mot

▸ RELATED WRITEUPS

Gotta cache 'em all: bending the rules of web cache exploitation

OtherWeb cache poisoning

Splitting the email atom: exploiting parsers to bypass access controls

OtherWeb cache poisoning

Data Theft in Salesforce: Manipulating Public Links

OtherSOQL injection

When Certificates Fail: A Story of Bypassed MFA in Remote Access

Other2FA / MFA bypass

SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff

Built with ❤️ by Shubham Rawat