ch0ic3/AllAboutBugBounty
1
0
Fork 0
mirror of https://github.com/daffainfo/AllAboutBugBounty.git synced 2024-12-19 19:06:13 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update CRLF Injection.md

Browse Source 
referenced from the above writeup


https://infosecwriteups.com/6000-with-microsoft-hall-of-fame-microsoft-firewall-bypass-crlf-to-xss-microsoft-bug-bounty-8f6615c47922
This commit is contained in:
Sourav Chakraborty 2023-09-08 17:30:04 +05:30 committed by GitHub
parent 0a16c9d981
commit 3cf914f8d2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CRLF Injection.md
View File

@ -5,6 +5,8 @@ A CRLF Injection attack occurs when a user manages to submit a CRLF into an appl
## Where to find
It can be found anywhere, always check the request and response. Try to search for parameters that lead to redirects, you can see the response is (301, 302, 303, 307, 308).
Also observe the response and request.
Like let's assume we have a website named example.com and we know that /admin exist and when we type it it takes us to the particular endpoint but when we /axyz we know it doesn't exist and it should return 404 not found, but if it returns with something like 400 bad request then we know that the server is trying to process the request and then you can try CRLF.
## How to exploit
1. Basic payload
@ -32,4 +34,4 @@ https://example.com/?lang=en%E5%98%8A%E5%98%8DLocation:%20https://evil.com/
## References
* [@filedescriptor](https://blog.innerht.ml/twitter-crlf-injection/)
* [EdOverflow](https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/crlf.md)
* [EdOverflow](https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/crlf.md)