Back to directory

WRITEUP #2018

Client Side Desync Attack (CL.0 Request Smuggling) — Bounty of $150

OtherHTTP request smugglingClient-Side Desync attack

byBodhendu Panda

Bounty

150

Program

-

Published

Oct 26, 2022

Added to HackDex

May 8, 2023

Read Full Writeuphttps://bpandasec.medium.com/client-side-desync-attack-cl-0-request-smuggling-bounty-of-150-327d3aeaeea6

▸ RELATED WRITEUPS

Gudifu: Guided Differential Fuzzing for HTTP Request Parsing Discrepancies

OtherWeb cache poisoning

Data Theft in Salesforce: Manipulating Public Links

OtherSOQL injection

When Certificates Fail: A Story of Bypassed MFA in Remote Access

Other2FA / MFA bypass

SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff

Ghost In The Ppl Part 1: Byovdll

OtherUse-After-Free

Built with ❤️ by Shubham Rawat