Back to directory

WRITEUP #2935

HDiff: A Semi-automatic Framework for Discovering Semantic Gap Attack in HTTP Implementations

OtherHTTP request smugglingDoSSemantic gap attacks

by@m0xiaoxi(Kaiwen Shen)

Program

-

Published

Mar 1, 2022

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://shenkaiwen.com/publication/2022-hdiff/

▸ RELATED WRITEUPS

Vulnerabilities in NodeJS C/C++ add-on extensions

OtherMemory corruption

Gudifu: Guided Differential Fuzzing for HTTP Request Parsing Discrepancies

OtherWeb cache poisoning

Data Theft in Salesforce: Manipulating Public Links

OtherSOQL injection

When Certificates Fail: A Story of Bypassed MFA in Remote Access

Other2FA / MFA bypass

SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff

Built with ❤️ by Shubham Rawat