diff --git a/Web Cache Deception/Intruders/param_miner_lowercase_headers.txt b/Web Cache Deception/Intruders/param_miner_lowercase_headers.txt
index 8ff7e68..16f1175 100644
--- a/Web Cache Deception/Intruders/param_miner_lowercase_headers.txt
+++ b/Web Cache Deception/Intruders/param_miner_lowercase_headers.txt
@@ -1,1102 +1,1127 @@
-Accept
-Accept-Application
-Accept-Charset
-Accepted
-Accept-Encoding
-Accept-Encodxng
-Accept-Language
-Accept-Ranges
-Accept-Version
-Access-Control-Allow-Credentials
-Access-Control-Allow-Headers
-Access-Control-Allow-Methods
-Access-Control-Allow-Origin
-Access-Control-Expose-Headers
-Access-Control-Max-Age
-Access-Control-Request-Headers
-Access-Control-Request-Method
-Accesskey
-Access-Token
-Action
-Admin
-Age
-Ajax
-Akamai-Origin-Hop
-Allow
-App
-Appcookie
-App-Env
-App-Key
-Apply-To-Redirect-Ref
-Appname
-Appversion
-Atcept-Language
-Auth
-Auth-Any
-Auth-Basic
-Auth-Digest
-Auth-Digest-Ie
-Authentication
-Auth-Gssneg
-Auth-Key
-Auth-Ntlm
-Authorization
-Auth-Password
-Auth-Realm
-Auth-Type
-Auth-User
-Bad-Gateway
-Bad-Request
-Bae-Env-Addr-Bcms
-Bae-Env-Addr-Bcs
-Bae-Env-Addr-Bus
-Bae-Env-Addr-Channel
-Bae-Env-Addr-Sql-Ip
-Bae-Env-Addr-Sql-Port
-Bae-Env-Ak
-Bae-Env-Appid
-Bae-Env-Sk
-Bae-Logid
-Bar
-Base
-Base-Url
-Basic
-Bearer-Indication
-Body-Maxlength
-Body-Truncated
-Brief
-Browser-User-Agent
-Cache-Control
-Cache-Info
-Case-Files
-Catalog
-Catalog-Server
-Category
-Cert-Cookie
-Cert-Flags
-Cert-Issuer
-Cert-Keysize
-Cert-Secretkeysize
-Cert-Serialnumber
-Cert-Server-Issuer
-Cert-Server-Subject
-Cert-Subject
-Cf-Connecting-Ip
-Cf-Ipcountry
-Cf-Template-Path
-Cf-Visitor
-Ch
-Challenge-Response
-Charset
-Chunk-Size
-Client
-Clientaddress
-Client-Address
-Client-Bad-Request
-Client-Conflict
-Client-Error-Cannot-Access-Local-File
-Client-Error-Cannot-Connect
-Client-Error-Communication-Failure
-Client-Error-Connect
-Client-Error-Invalid-Parameters
-Client-Error-Invalid-Server-Address
-Client-Error-No-Error
-Client-Error-Protocol-Failure
-Client-Error-Unspecified-Error
-Client-Expectation-Failed
-Client-Forbidden
-Client-Gone
-Clientip
-Client-Ip
-Client-Length-Required
-Client-Method-Not-Allowed
-Client-Not-Acceptable
-Client-Not-Found
-Client-Payment-Required
-Client-Precondition-Failed
-Client-Proxy-Auth-Required
-Client-Quirk-Mode
-Client-Requested-Range-Not-Possible
-Client-Request-Timeout
-Client-Request-Too-Large
-Client-Request-Uri-Too-Large
-Client-Unauthorized
-Client-Unsupported-Media-Type
-Cloudfront-Viewer-Country
-Cloudinary-Name
-Cloudinary-Public-Id
-Cloudinaryurl
-Cloudinary-Version
-Code
-Coming-From
-Compress
-Conflict
-Connection
-Connection-Type
-Contact
-Content
-Content-Disposition
-Content-Encoding
-Content-Language
-Content-Length
-Content-Location
-Content-Md5
-Content-Range
-Content-Security-Policy
-Content-Security-Policy-Report-Only
-Content-Type
-Content-Type-Xhtml
-Context-Path
-Continue
-Cookie
-Cookie2
-Cookie-Domain
-Cookie-Httponly
-Cookie-Parse-Raw
-Cookie-Path
-Cookies
-Cookie-Secure
-Cookie-Vars
-Core-Base
-Created
-Credentials-Filepath
-Curl
-Curl-Multithreaded
-Custom-Header
-Custom-Secret-Header
-Dataserviceversion
-Date
-Debug
-Deflate-Level-Def
-Deflate-Level-Max
-Deflate-Level-Min
-Deflate-Strategy-Def
-Deflate-Strategy-Filt
-Deflate-Strategy-Fixed
-Deflate-Strategy-Huff
-Deflate-Strategy-Rle
-Deflate-Type-Gzip
-Deflate-Type-Raw
-Deflate-Type-Zlib
-Delete
-Depth
-Destination
-Destroy
-Devblocksproxybase
-Devblocksproxyhost
-Devblocksproxyssl
-Device-Stock-Ua
-Digest
-Dir
-Dir-Name
-Dir-Resource
-Disable-Gzip
-Dkim-Signature
-Dnt
-Download-Attachment
-Download-Bad-Url
-Download-Bz2
-Download-Cut-Short
-Download-E-Headers-Sent
-Download-E-Invalid-Archive-Type
-Download-E-Invalid-Content-Type
-Download-E-Invalid-File
-Download-E-Invalid-Param
-Download-E-Invalid-Request
-Download-E-Invalid-Resource
-Download-E-No-Ext-Mmagic
-Download-E-No-Ext-Zlib
-Download-Inline
-Download-Mime-Type
-Download-No-Server
-Download-Size
-Download-Status-Not-Found
-Download-Status-Server-Error
-Download-Status-Unauthorized
-Download-Status-Unknown
-Download-Tar
-Download-Tgz
-Download-Url
-Download-Zip
-E-Encoding
-E-Header
-E-Invalid-Param
-E-Malformed-Headers
-E-Message-Type
-Enable-Gzip
-Enable-No-Cache-Headers
-Encoding-Stream-Flush-Full
-Encoding-Stream-Flush-None
-Encoding-Stream-Flush-Sync
-Env-Silla-Environment
-Env-Vars
-E-Querystring
-E-Request
-E-Request-Method
-E-Request-Pool
-E-Response
-Error
-Error-1
-Error-2
-Error-3
-Error-4
-Error-Formatting-Html
-E-Runtime
-E-Socket
-Espo-Authorization
-Espo-Cgi-Auth
-Etag
-E-Url
-Eve-Charid
-Eve-Charname
-Eve-Solarsystemid
-Eve-Solarsystemname
-Eve-Trusted
-Ex-Copy-Movie
-Expect
-Expectation-Failed
-Expires
-Ext
-Failed-Dependency
-Fake-Header
-Fastly-Client-Ip
-Fb-Appid
-Fb-Secret
-Filename
-File-Not-Found
-Files
-Files-Vars
-Fire-Breathing-Dragon
-Foo
-Foo-Bar
-Forbidden
-Force-Language
-Force-Local-Xhprof
-Format
-Forwarded
-Forwarded-For
-Forwarded-For-Ip
-Forwarded-Proto
-From
-Fromlink
-Front-End-Https
-Gateway-Interface
-Gateway-Time-Out
-Get
-Get-Vars
-Givenname
-Global-All
-Global-Cookie
-Global-Get
-Global-Post
-Gone
-Google-Code-Project-Hosting-Hook-Hmac
-Gzip-Level
-H0st
-Head
-Header
-Header-Lf
-Header-Status-Client-Error
-Header-Status-Informational
-Header-Status-Redirect
-Header-Status-Server-Error
-Header-Status-Successful
-Home
-Host
-Hosti
-Host-Liveserver
-Host-Name
-Host-Unavailable
-Htaccess
-Http-Accept
-Http-Accept-Encoding
-Http-Accept-Language
-Http-Authorization
-Http-Connection
-Http-Cookie
-Http-Host
-Http-Phone-Number
-Http-Referer
-Https
-Https-From-Lb
-Https-Keysize
-Https-Secretkeysize
-Https-Server-Issuer
-Https-Server-Subject
-Http-Url
-Http-User-Agent
-If
-If-Match
-If-Modified-Since
-If-Modified-Since-Version
-If-None-Match
-If-Posted-Before
-If-Range
-If-Unmodified-Since
-If-Unmodified-Since-Version
-Image
-Images
-Incap-Client-Ip
-Info
-Info-Download-Size
-Info-Download-Time
-Info-Return-Code
-Info-Total-Request-Stat
-Info-Total-Response-Stat
-Insufficient-Storage
-Internal-Server-Error
-Ipresolve-Any
-Ipresolve-V4
-Ipresolve-V6
-Ischedule-Version
-Iv-Groups
-Iv-User
-Javascript
-Jenkins
-Keep-Alive
-Kiss-Rpc
-Label
-Large-Allocation
-Last-Event-Id
-Last-Modified
-Length-Required
-Link
-Local-Addr
-Local-Content-Sha1
-Local-Dir
-Location
-Locked
-Lock-Token
-Mail
-Max-Conn
-Maxdataserviceversion
-Max-Forwards
-Max-Request-Size
-Max-Uri-Length
-Message
-Message-B
-Meth-
-Meth-Acl
-Meth-Baseline-Control
-Meth-Checkin
-Meth-Checkout
-Meth-Connect
-Meth-Copy
-Meth-Delete
-Meth-Get
-Meth-Head
-Meth-Label
-Meth-Lock
-Meth-Merge
-Meth-Mkactivity
-Meth-Mkcol
-Meth-Mkworkspace
-Meth-Move
-Method
-Method-Not-Allowed
-Meth-Options
-Meth-Post
-Meth-Propfind
-Meth-Proppatch
-Meth-Put
-Meth-Report
-Meth-Trace
-Meth-Uncheckout
-Meth-Unlock
-Meth-Update
-Meth-Version-Control
-Mimetype
-Modauth
-Mode
-Mod-Env
-Mod-Rewrite
-Mod-Security-Message
-Module-Class
-Module-Class-Path
-Module-Name
-Moved-Permanently
-Moved-Temporarily
-Ms-Asprotocolversion
-Msg-None
-Msg-Request
-Msg-Response
-Msisdn
-Multipart-Boundary
-Multiple-Choices
-Multi-Status
-My-Header
-Mysqlport
-Native-Sockets
-Negotiate
-Nl
-No-Content
-Non-Authoritative
-Nonce
-Not-Acceptable
-Not-Exists
-Not-Extended
-Not-Found
-Notification-Template
-Not-Implemented
-Not-Modified
-Oc-Chunked
-Ocs-Apirequest
-Ok
-On-Behalf-Of
-Onerror-Continue
-Onerror-Die
-Onerror-Return
-Opencart
-Options
-Organizer
-Origin
-Originator
-Orig_path_info
-Overwrite
-Params-Allow-Comma
-Params-Allow-Failure
-Params-Default
-Params-Get-Catid
-Params-Get-Currentday
-Params-Get-Disposition
-Params-Get-Downwards
-Params-Get-Givendate
-Params-Get-Lang
-Params-Get-Type
-Params-Raise-Error
-Partial-Content
-Passkey
-Password
-Path
-Path-Base
-Path-Info
-Path-Themes
-Path-Translated
-Payment-Required
-Pc-Remote-Addr
-Phone-Number
-Php
-Php-Auth-Pw
-Php-Auth-User
-Phpthreads
-Pink-Pony
-Port
-Portsensor-Auth
-Post
-Post-Error
-Post-Files
-Postredir-301
-Postredir-302
-Postredir-All
-Post-Vars
-Pragma
-Pragma-No-Cache
-Precondition-Failed
-Prefer
-Processing
-Profile
-Protocol
-Protocols
-Proxy
-Proxy-Agent
-Proxy-Authenticate
-Proxy-Authentication-Required
-Proxy-Authorization
-Proxy-Connection
-Proxy-Host
-Proxy-Http
-Proxy-Http-1-0
-Proxy-Password
-Proxy-Port
-Proxy-Pwd
-Proxy-Request-Fulluri
-Proxy-Socks4
-Proxy-Socks4a
-Proxy-Socks5
-Proxy-Socks5-Hostname
-Proxy-Url
-Proxy-User
-Public-Key-Pins
-Public-Key-Pins-Report-Only
-Pull
-Put
-Querystring
-Query-String
-Querystring-Type-Array
-Querystring-Type-Bool
-Querystring-Type-Float
-Querystring-Type-Int
-Querystring-Type-Object
-Querystring-Type-String
-Range
-Range-Not-Satisfiable
-Raw-Post-Data
-Read-State-Begin
-Read-State-Body
-Read-State-Headers
-Real-Ip
-Real-Method
-Reason
-Reason-Phrase
-Recipient
-Redirect
-Redirected-Accept-Language
-Redirect-Found
-Redirection-Found
-Redirection-Multiple-Choices
-Redirection-Not-Modified
-Redirection-Permanent
-Redirection-See-Other
-Redirection-Temporary
-Redirection-Unused
-Redirection-Use-Proxy
-Redirect-Perm
-Redirect-Post
-Redirect-Problem-Withoutwww
-Redirect-Problem-Withwww
-Redirect-Proxy
-Redirect-Temp
-Ref
-Referer
-Referer
-Referrer
-Referrer-Policy
-Refferer
-Refresh
-Remix-Hash
-Remote-Addr
-Remote-Host
-Remote-Host-Wp
-Remote-User
-Remote-Userhttps
-Report-To
-Request
-Request2-Tests-Base-Url
-Request2-Tests-Proxy-Host
-Request-Entity-Too-Large
-Request-Error
-Request-Error-File
-Request-Error-Gzip-Crc
-Request-Error-Gzip-Data
-Request-Error-Gzip-Method
-Request-Error-Gzip-Read
-Request-Error-Proxy
-Request-Error-Redirects
-Request-Error-Response
-Request-Error-Url
-Request-Http-Ver-1-0
-Request-Http-Ver-1-1
-Request-Mbstring
-Request-Method
-Request-Method-
-Request-Method-Delete
-Request-Method-Get
-Request-Method-Head
-Request-Method-Options
-Request-Method-Post
-Request-Method-Put
-Request-Method-Trace
-Request-Timeout
-Request-Time-Out
-Requesttoken
-Request-Uri
-Request-Uri-Too-Large
-Request-Vars
-Reset-Content
-Response
-Rest-Key
-Rest-Sign
-Retry-After
-Returned-Error
-Rlnclientipaddr
-Root
-Safe-Ports-List
-Safe-Ports-Ssl-List
-Schedule-Reply
-Scheme
-Script-Name
-Secretkey
-Sec-Websocket-Accept
-Sec-Websocket-Extensions
-Sec-Websocket-Key
-Sec-Websocket-Key1
-Sec-Websocket-Key2
-Sec-Websocket-Origin
-Sec-Websocket-Protocol
-Sec-Websocket-Version
-See-Other
-Self
-Send-X-Frame-Options
-Server
-Server-Bad-Gateway
-Server-Error
-Server-Gateway-Timeout
-Server-Internal
-Server-Name
-Server-Not-Implemented
-Server-Port
-Server-Port-Secure
-Server-Protocol
-Server-Service-Unavailable
-Server-Software
-Server-Unsupported-Version
-Server-Vars
-Server-Varsabantecart
-Service-Unavailable
-Session-Id-Tag
-Session-Vars
-Set-Cookie
-Set-Cookie2
-Shib-
-Shib-Application-Id
-Shib-Identity-Provider
-Shib-Logouturl
-Shopilex
-Slug
-Sn
-Soapaction
-Socket-Connection-Err
-Socketlog
-Somevar
-Sourcemap
-Sp-Client
-Sp-Host
-Ssl
-Ssl-Https
-Ssl-Offloaded
-Sslsessionid
-Ssl-Session-Id
-Ssl-Version-Any
-Start
-Status
-Status-
-Status-403
-Status-403-Admin-Del
-Status-404
-Status-Bad-Request
-Status-Code
-Status-Forbidden
-Status-Ok
-Status-Platform-403
-Strict-Transport-Security
-Str-Match
-Success-Accepted
-Success-Created
-Success-No-Content
-Success-Non-Authoritative
-Success-Ok
-Success-Partial-Content
-Success-Reset-Content
-Support
-Support-Encodings
-Support-Events
-Support-Magicmime
-Support-Requests
-Support-Sslrequests
-Surrogate-Capability
-Switching-Protocols
-Te
-Temporary-Redirect
-Test
-Test-Config
-Test-Server-Path
-Test-Something-Anything
-Ticket
-Timeout
-Time-Out
-Timing-Allow-Origin
-Title
-Tk
-Tmp
-Token
-Trailer
-Transfer-Encoding
-Translate
-Transport-Err
-True-Client-Ip
-Ua
-Ua-Color
-Ua-Cpu
-Ua-Os
-Ua-Pixels
-Ua-Resolution
-Ua-Voice
-Unauthorized
-Unencoded-Url
-Unit-Test-Mode
-Unless-Modified-Since
-Unprocessable-Entity
-Unsupported-Media-Type
-Upgrade
-Upgrade-Insecure-Requests
-Upgrade-Required
-Upload-Default-Chmod
-Uri
-Url
-Url-From-Env
-Url-Join-Path
-Url-Join-Query
-Url-Replace
-Url-Sanitize-Path
-Url-Strip-
-Url-Strip-All
-Url-Strip-Auth
-Url-Strip-Fragment
-Url-Strip-Pass
-Url-Strip-Path
-Url-Strip-Port
-Url-Strip-Query
-Url-Strip-User
-Use-Gzip
-Use-Proxy
-User
-Useragent
-User-Agent
-Useragent-Via
-User-Agent-Via
-User-Email
-User-Id
-User-Mail
-User-Name
-User-Photos
-Util
-Variant-Also-Varies
-Vary
-Verbose
-Verbose-Throttle
-Verify-Cert
-Version
-Version-1-0
-Version-1-1
-Version-Any
-Versioncode
-Version-None
-Version-Not-Supported
-Via
-Viad
-Waf-Stuff-Below
-Wap-Connection
-Warning
-Webodf-Member-Id
-Webodf-Session-Id
-Webodf-Session-Revision
-Web-Server-Api
-Work-Directory
-Www-Address
-Www-Authenticate
-X
-X-
-X-Aastra-Expmod1
-X-Aastra-Expmod2
-X-Aastra-Expmod3
-X-Accel-Mapping
-X-Access-Token
-X-Advertiser-Id
-X-Ajax-Real-Method
-X_alto_ajax_key
-X-Alto-Ajax-Keyz
-X-Amz-Date
-X-Amzn-Remapped-Host
-X-Amz-Website-Redirect-Location
-X-Api-Key
-X-Api-Signature
-X-Api-Timestamp
-X-Apitoken
-X-Apple-Client-Application
-X-Apple-Store-Front
-X-Arr-Log-Id
-X-Arr-Ssl
-X-Att-Deviceid
-X-Authentication
-X-Authentication-Key
-X-Auth-Key
-X-Auth-Mode
-Xauthorization
-X-Authorization
-X-Auth-Password
-X-Auth-Service-Provider
-X-Auth-Token
-X-Auth-User
-X-Auth-Userid
-X-Auth-Username
-X-Avantgo-Screensize
-X-Azc-Remote-Addr
-X-Bear-Ajax-Request
-X-Bluecoat-Via
-X-Bolt-Phone-Ua
-X-Browser-Height
-X-Browser-Width
-X-Cascade
-X-Cept-Encoding
-X-Cf-Url
-X-Chrome-Extension
-X-Cisco-Bbsm-Clientip
-X-Client-Host
-X-Client-Id
-X-Clientip
-X-Client-Ip
-X-Client-Key
-X-Client-Os
-X-Client-Os-Ver
-X-Cluster-Client-Ip
-X-Codeception-Codecoverage
-X-Codeception-Codecoverage-Config
-X-Codeception-Codecoverage-Debug
-X-Codeception-Codecoverage-Suite
-X-Collect-Coverage
-X-Coming-From
-X-Confirm-Delete
-X-Content-Type
-X-Content-Type-Options
-X-Credentials-Request
-X-Csrf-Crumb
-X-Csrftoken
-X-Csrf-Token
-X-Cuid
-X-Custom
-X-Dagd-Proxy
-X-Davical-Testcase
-X-Dcmguid
-X-Debug-Test
-X-Device-User-Agent
-X-Dialog
-X-Dns-Prefetch-Control
-X-Dokuwiki-Do
-X-Do-Not-Track
-X-Drestcg
-X-Dsid
-X-Elgg-Apikey
-X-Elgg-Hmac
-X-Elgg-Hmac-Algo
-X-Elgg-Nonce
-X-Elgg-Posthash
-X-Elgg-Posthash-Algo
-X-Elgg-Time
-X-Em-Uid
-X-Enable-Coverage
-X-Environment-Override
-X-Expected-Entity-Length
-X-Experience-Api-Version
-X-Fb-User-Remote-Addr
-X-File-Id
-X-Filename
-X-File-Name
-X-File-Resume
-X-File-Size
-X-File-Type
-X-Firelogger
-X-Fireloggerauth
-X-Firephp-Version
-X-Flash-Version
-X-Flx-Consumer-Key
-X-Flx-Consumer-Secret
-X-Flx-Redirect-Url
-X-Foo
-X-Foo-Bar
-X-Forwarded
-X-Forwarded-By
-X-Forwarded-For
-X-Forwarded-For-Original
-X-Forwarded-Host
-X-Forwarded-Port
-X-Forwarded-Proto
-X-Forwarded-Protocol
-X-Forwarded-Scheme
-X-Forwarded-Server
-X-Forwarded-Ssl
-X-Forwarded-Ssl
-X-Forwarder-For
-X-Forward-For
-X-Forward-Proto
-X-From
-X-Gb-Shared-Secret
-X-Geoip-Country
-X-Get-Checksum
-X-Helpscout-Event
-X-Helpscout-Signature
-X-Hgarg-
-X-Host
-X-Http-Destinationurl
-X-Http-Host-Override
-X-Http-Method
-X-Http-Method-Override
-X-Http-Path-Override
-X-Https
-X-Htx-Agent
-X-Huawei-Userid
-X-Hub-Signature
-X-If-Unmodified-Since
-X-Imbo-Test-Config
-X-Insight
-X-Ip
-X-Ip-Trail
-X-Iwproxy-Nesting
-X-Jphone-Color
-X-Jphone-Display
-X-Jphone-Geocode
-X-Jphone-Msname
-X-Jphone-Uid
-X-Json
-X-Kaltura-Remote-Addr
-X-Known-Signature
-X-Known-Username
-X-Litmus
-X-Litmus-Second
-X-Locking
-X-Machine
-X-Mandrill-Signature
-X-Method-Override
-X-Mobile-Gateway
-X-Mobile-Ua
-X-Mosso-Dt
-X-Moz
-X-Msisdn
-X-Ms-Policykey
-X-Myqee-System-Debug
-X-Myqee-System-Hash
-X-Myqee-System-Isadmin
-X-Myqee-System-Isrest
-X-Myqee-System-Pathinfo
-X-Myqee-System-Project
-X-Myqee-System-Rstr
-X-Myqee-System-Time
-X-Network-Info
-X-Nfsn-Https
-X-Ning-Request-Uri
-X-Nokia-Bearer
-X-Nokia-Connection-Mode
-X-Nokia-Gateway-Id
-X-Nokia-Ipaddress
-X-Nokia-Msisdn
-X-Nokia-Wia-Accept-Original
-X-Nokia-Wtls
-X-Nuget-Apikey
-X-Oc-Mtime
-Xonnection
-X-Opera-Info
-X-Operamini-Features
-X-Operamini-Phone
-X-Operamini-Phone-Ua
-X-Options
-X-Orange-Id
-X-Orchestra-Scheme
-X-Orig-Client
-X-Original-Host
-X-Original-Http-Command
-X-Originally-Forwarded-For
-X-Originally-Forwarded-Proto
-X-Original-Remote-Addr
-X-Original-Url
-X-Original-User-Agent
-X-Originating-Ip
-X-Os-Prefs
-X-Overlay
-X-Pagelet-Fragment
-X-Password
-Xpdb-Debugger
-X-Phabricator-Csrf
-X-Phpbb-Using-Plupload
-X-Pjax
-X-Pjax-Container
-X-Prototype-Version
-Xproxy
-X-Proxy-Url
-X-Pswd
-X-Purpose
-X-Qafoo-Profiler
-X-Real-Ip
-X-Remote-Addr
-X-Remote-Protocol
-X-Render-Partial
-X-Request
-X-Requested-With
-X-Request-Id
-X-Request-Signature
-X-Request-Start
-X-Request-Timestamp
-X-Response-Format
-X-Rest-Cors
-X-Rest-Password
-X-Rest-Username
-X-Rewrite-Url
-Xroxy-Connection
-X-Sakura-Forwarded-For
-X-Scalr-Auth-Key
-X-Scalr-Auth-Token
-X-Scalr-Env-Id
-X-Scanner
-X-Scheme
-X-Screen-Height
-X-Screen-Width
-X-Sendfile-Type
-X-Serialize
-X-Serial-Number
-X-Server-Id
-X-Server-Name
-X-Server-Port
-X-Signature
-X-Sina-Proxyuser
-X-Skyfire-Phone
-X-Skyfire-Screen
-X-Ssl
-X-Subdomain
-X-Te
-X-Teamsite-Preremap
-X-Test-Session-Id
-X-Timer
-X-Tine20-Jsonkey
-X-Tine20-Request-Type
-X-Tomboy-Client
-X-Tor
-X-Twilio-Signature
-X-Ua-Device
-X-Ucbrowser-Device-Ua
-X-Uidh
-X-Unique-Id
-X-Uniquewcid
-X-Up-Calling-Line-Id
-X-Update
-X-Update-Range
-X-Up-Devcap-Iscolor
-X-Up-Devcap-Screendepth
-X-Up-Devcap-Screenpixels
-X-Upload-Maxresolution
-X-Upload-Name
-X-Upload-Size
-X-Upload-Type
-X-Up-Subno
-X-Url-Scheme
-X-User
-X-User-Agent
-X-Username
-X-Varnish
-X-Verify-Credentials-Authorization
-X-Vodafone-3gpdpcontext
-X-Wap-Clientid
-X-Wap-Client-Sdu-Size
-X-Wap-Gateway
-X-Wap-Network-Client-Ip
-X-Wap-Network-Client-Msisdn
-X-Wap-Profile
-X-Wap-Proxy-Cookie
-X-Wap-Session-Id
-X-Wap-Tod
-X-Wap-Tod-Coded
-X-Whatever
-X-Wikimedia-Debug
-X-Wp-Nonce
-X-Wp-Pjax-Prefetch
-X-Ws-Api-Key
-X-Xc-Schema-Version
-X-Xhprof-Debug
-X-Xhr-Referer
-X-Xmlhttprequest
-X-Xpid
-Xxx-Real-Ip
-Xxxxxxxxxxxxxxx
-X-Zikula-Ajax-Token
-X-Zotero-Version
-X-Ztgo-Bearerinfo
-Y
-Zotero-Api-Version
-Zotero-Write-Token
+accept
+accept-application
+accept-charset
+accepted
+accept-encoding
+accept-encodxng
+accept-language
+accept-ranges
+accept-version
+access-control-allow-credentials
+access-control-allow-headers
+access-control-allow-methods
+access-control-allow-origin
+access-control-expose-headers
+access-control-max-age
+access-control-request-headers
+access-control-request-method
+accesskey
+access-token
+action
+admin
+age
+ajax
+akamai-origin-hop
+allow
+alt-used
+app
+appcookie
+app-env
+app-key
+apply-to-redirect-ref
+appname
+appversion
+atcept-language
+auth
+auth-any
+auth-basic
+auth-digest
+auth-digest-ie
+authentication
+auth-gssneg
+auth-key
+auth-ntlm
+authorization
+auth-password
+auth-realm
+auth-type
+auth-user
+bad-gateway
+bad-request
+bae-env-addr-bcms
+bae-env-addr-bcs
+bae-env-addr-bus
+bae-env-addr-channel
+bae-env-addr-sql-ip
+bae-env-addr-sql-port
+bae-env-ak
+bae-env-appid
+bae-env-sk
+bae-logid
+bar
+base
+base-url
+basic
+bearer-indication
+body-maxlength
+body-truncated
+brief
+browser-user-agent
+cache-control
+cache-info
+case-files
+catalog
+catalog-server
+category
+cert-cookie
+cert-flags
+cert-issuer
+cert-keysize
+cert-secretkeysize
+cert-serialnumber
+cert-server-issuer
+cert-server-subject
+cert-subject
+cf-connecting-ip
+cf-ipcountry
+cf-template-path
+cf-visitor
+ch
+challenge-response
+charset
+chunk-size
+client
+client-address
+clientaddress
+client-bad-request
+client-conflict
+client-error-cannot-access-local-file
+client-error-cannot-connect
+client-error-communication-failure
+client-error-connect
+client-error-invalid-parameters
+client-error-invalid-server-address
+client-error-no-error
+client-error-protocol-failure
+client-error-unspecified-error
+client-expectation-failed
+client-forbidden
+client-gone
+client-ip
+clientip
+client-length-required
+client-method-not-allowed
+client-not-acceptable
+client-not-found
+client-payment-required
+client-precondition-failed
+client-proxy-auth-required
+client-quirk-mode
+client-requested-range-not-possible
+client-request-timeout
+client-request-too-large
+client-request-uri-too-large
+client-unauthorized
+client-unsupported-media-type
+cloudfront-viewer-country
+cloudinary-name
+cloudinary-public-id
+cloudinaryurl
+cloudinary-version
+code
+coming-from
+command
+compress
+conflict
+connection
+connection-type
+contact
+content
+content-disposition
+content-encoding
+content-language
+content-length
+content-location
+content-md5
+content-range
+content-security-policy
+content-security-policy-report-only
+content-type
+content-type-xhtml
+context-path
+continue
+cookie
+cookie2
+cookie-domain
+cookie-httponly
+cookie-parse-raw
+cookie-path
+cookies
+cookie-secure
+cookie-vars
+core-base
+created
+credentials-filepath
+curl
+curl-multithreaded
+custom-header
+custom-secret-header
+dataserviceversion
+date
+debug
+deflate-level-def
+deflate-level-max
+deflate-level-min
+deflate-strategy-def
+deflate-strategy-filt
+deflate-strategy-fixed
+deflate-strategy-huff
+deflate-strategy-rle
+deflate-type-gzip
+deflate-type-raw
+deflate-type-zlib
+delete
+depth
+destination
+destroy
+devblocksproxybase
+devblocksproxyhost
+devblocksproxyssl
+device-stock-ua
+digest
+dir
+dir-name
+dir-resource
+disable-gzip
+dkim-signature
+dnt
+download-attachment
+download-bad-url
+download-bz2
+download-cut-short
+download-e-headers-sent
+download-e-invalid-archive-type
+download-e-invalid-content-type
+download-e-invalid-file
+download-e-invalid-param
+download-e-invalid-request
+download-e-invalid-resource
+download-e-no-ext-mmagic
+download-e-no-ext-zlib
+download-inline
+download-mime-type
+download-no-server
+download-size
+download-status-not-found
+download-status-server-error
+download-status-unauthorized
+download-status-unknown
+download-tar
+download-tgz
+download-url
+download-zip
+e-encoding
+e-header
+e-invalid-param
+e-malformed-headers
+e-message-type
+enable-gzip
+enable-no-cache-headers
+encoding-stream-flush-full
+encoding-stream-flush-none
+encoding-stream-flush-sync
+env-silla-environment
+env-vars
+e-querystring
+e-request
+e-request-method
+e-request-pool
+e-response
+error
+error-1
+error-2
+error-3
+error-4
+error-formatting-html
+e-runtime
+e-socket
+espo-authorization
+espo-cgi-auth
+etag
+e-url
+eve-charid
+eve-charname
+eve-solarsystemid
+eve-solarsystemname
+eve-trusted
+ex-copy-movie
+expect
+expectation-failed
+expires
+ext
+failed-dependency
+fake-header
+fastly-client-ip
+fb-appid
+fb-secret
+filename
+file-not-found
+files
+files-vars
+fire-breathing-dragon
+foo
+foo-bar
+forbidden
+force-language
+force-local-xhprof
+format
+forwarded
+forwarded-for
+forwarded-for-ip
+forwarded-proto
+from
+fromlink
+front-end-https
+gateway-interface
+gateway-time-out
+get
+get-vars
+givenname
+global-all
+global-cookie
+global-get
+global-post
+gone
+google-code-project-hosting-hook-hmac
+gzip-level
+h0st
+head
+header
+header-lf
+header-status-client-error
+header-status-informational
+header-status-redirect
+header-status-server-error
+header-status-successful
+home
+host
+host~%h:%s
+hosti
+host-liveserver
+host-name
+host-unavailable
+htaccess
+http-accept
+http-accept-encoding
+http-accept-language
+http-authorization
+http-connection
+http-cookie
+http-host
+http-phone-number
+http-referer
+https
+https-from-lb
+https-keysize
+http_sm_authdirname
+http_sm_authdirnamespace
+http_sm_authdiroid
+http_sm_authdirserver
+http_sm_authreason
+http_sm_authtype
+http_sm_dominocn
+http_sm_realm
+http_sm_realmoid
+http_sm_sdomain
+http_sm_serveridentityspec
+http_sm_serversessionid
+http_sm_serversessionspec
+http_sm_sessiondrift
+http_sm_timetoexpire
+http_sm_transactionid
+http_sm_universalid
+http_sm_user
+http_sm_userdn
+http_sm_usermsg
+https-secretkeysize
+https-server-issuer
+https-server-subject
+http-url
+http-user-agent
+if
+if-match
+if-modified-since
+if-modified-since-version
+if-none-match
+if-posted-before
+if-range
+if-unmodified-since
+if-unmodified-since-version
+image
+images
+incap-client-ip
+info
+info-download-size
+info-download-time
+info-return-code
+info-total-request-stat
+info-total-response-stat
+insufficient-storage
+internal-server-error
+ipresolve-any
+ipresolve-v4
+ipresolve-v6
+ischedule-version
+iv-groups
+iv-user
+jenkins
+keep-alive
+kiss-rpc
+large-allocation
+last-event-id
+last-modified
+length-required
+link
+local-addr
+local-content-sha1
+local-dir
+location
+locked
+lock-token
+mail
+max-conn
+maxdataserviceversion
+max-forwards
+max-request-size
+max-uri-length
+message
+message-b
+meth-
+meth-acl
+meth-baseline-control
+meth-checkin
+meth-checkout
+meth-connect
+meth-copy
+meth-delete
+meth-get
+meth-head
+meth-label
+meth-lock
+meth-merge
+meth-mkactivity
+meth-mkcol
+meth-mkworkspace
+meth-move
+method
+method-not-allowed
+meth-options
+meth-post
+meth-propfind
+meth-proppatch
+meth-put
+meth-report
+meth-trace
+meth-uncheckout
+meth-unlock
+meth-update
+meth-version-control
+mimetype
+modauth
+mode
+mod-env
+mod-rewrite
+mod-security-message
+module-class
+module-class-path
+module-name
+moved-permanently
+moved-temporarily
+ms-asprotocolversion
+msg-none
+msg-request
+msg-response
+msisdn
+multipart-boundary
+multiple-choices
+multi-status
+my-header
+mysqlport
+native-sockets
+nl
+no-content
+non-authoritative
+nonce
+not-acceptable
+not-exists
+not-extended
+not-found
+notification-template
+not-implemented
+not-modified
+oc-chunked
+ocs-apirequest
+ok
+on-behalf-of
+onerror-continue
+onerror-die
+onerror-return
+opencart
+options
+organizer
+origin
+originator
+origin~https://%s.%h
+orig_path_info
+overwrite
+params-allow-comma
+params-allow-failure
+params-default
+params-get-catid
+params-get-currentday
+params-get-disposition
+params-get-downwards
+params-get-givendate
+params-get-lang
+params-get-type
+params-raise-error
+partial-content
+passkey
+password
+path
+path-base
+path-info
+path-themes
+path-translated
+payment-required
+pc-remote-addr
+phone-number
+php
+php-auth-pw
+php-auth-user
+phpthreads
+pink-pony
+port
+portsensor-auth
+post
+post-error
+post-files
+postredir-301
+postredir-302
+postredir-all
+post-vars
+pragma
+pragma-no-cache
+precondition-failed
+prefer
+processing
+profile
+protocol
+protocols
+proxy
+proxy-agent
+proxy-authenticate
+proxy-authentication-required
+proxy-authorization
+proxy-connection
+proxy-host
+proxy-http
+proxy-http-1-0
+proxy-password
+proxy-port
+proxy-pwd
+proxy-request-fulluri
+proxy-socks4
+proxy-socks4a
+proxy-socks5
+proxy-socks5-hostname
+proxy-url
+proxy-user
+public-key-pins
+public-key-pins-report-only
+pull
+put
+query-string
+querystring
+querystring-type-array
+querystring-type-bool
+querystring-type-float
+querystring-type-int
+querystring-type-object
+querystring-type-string
+range
+range-not-satisfiable
+raw-post-data
+read-state-begin
+read-state-body
+read-state-headers
+real-ip
+real-method
+reason
+reason-phrase
+recipient
+redirect
+redirected-accept-language
+redirect-found
+redirection-found
+redirection-multiple-choices
+redirection-not-modified
+redirection-permanent
+redirection-see-other
+redirection-temporary
+redirection-unused
+redirection-use-proxy
+redirect-perm
+redirect-post
+redirect-problem-withoutwww
+redirect-problem-withwww
+redirect-proxy
+redirect-temp
+ref
+referer
+referer
+referer~http://%s.%h/
+referrer
+referrer-policy
+refferer
+refresh
+remix-hash
+remote-addr
+remote-host
+remote-host-wp
+remote-user
+remote-userhttps
+report-to
+request
+request2-tests-base-url
+request2-tests-proxy-host
+request-entity-too-large
+request-error
+request-error-file
+request-error-gzip-crc
+request-error-gzip-data
+request-error-gzip-method
+request-error-gzip-read
+request-error-proxy
+request-error-redirects
+request-error-response
+request-error-url
+request-http-ver-1-0
+request-http-ver-1-1
+request-mbstring
+request-method
+request-method-
+request-method-delete
+request-method-get
+request-method-head
+request-method-options
+request-method-post
+request-method-put
+request-method-trace
+request-time-out
+request-timeout
+requesttoken
+__requesturi
+request-uri
+request-uri-too-large
+request-vars
+__requestverb
+reset-content
+response
+rest-key
+rest-sign
+retry-after
+returned-error
+rlnclientipaddr
+root
+safe-ports-list
+safe-ports-ssl-list
+schedule-reply
+scheme
+script-name
+secretkey
+sec-websocket-accept
+sec-websocket-extensions
+sec-websocket-key
+sec-websocket-key1
+sec-websocket-key2
+sec-websocket-origin
+sec-websocket-protocol
+sec-websocket-version
+see-other
+self
+send-x-frame-options
+server
+server-bad-gateway
+server-error
+server-gateway-timeout
+server-internal
+server-name
+server-not-implemented
+server-port
+server-port-secure
+server-protocol
+server-service-unavailable
+server-software
+server-unsupported-version
+server-vars
+server-varsabantecart
+service-unavailable
+session-id-tag
+session-vars
+set-cookie
+set-cookie2
+shib-
+shib-application-id
+shib-identity-provider
+shib-logouturl
+shopilex
+slug
+sn
+soapaction
+socket-connection-err
+socketlog
+somevar
+sourcemap
+sp-client
+sp-host
+ssl
+ssl-https
+ssl-offloaded
+ssl-session-id
+sslsessionid
+ssl-version-any
+status
+status-
+status-403
+status-403-admin-del
+status-404
+status-bad-request
+status-code
+status-forbidden
+status-ok
+status-platform-403
+strict-transport-security
+str-match
+success-accepted
+success-created
+success-no-content
+success-non-authoritative
+success-ok
+success-partial-content
+success-reset-content
+support
+support-encodings
+support-events
+support-magicmime
+support-requests
+support-sslrequests
+surrogate-capability
+switching-protocols
+te
+temporary-redirect
+test
+test-config
+test-server-path
+test-something-anything
+ticket
+time-out
+timeout
+timing-allow-origin
+title
+tk
+tmp
+token
+trailer
+transfer-encoding
+translate
+transport-err
+true-client-ip
+ua
+ua-color
+ua-cpu
+ua-os
+ua-pixels
+ua-resolution
+ua-voice
+unauthorized
+unencoded-url
+unit-test-mode
+unless-modified-since
+unprocessable-entity
+unsupported-media-type
+upgrade
+upgrade-insecure-requests
+upgrade-required
+upload-default-chmod
+uri
+url
+url-from-env
+url-join-path
+url-join-query
+url-replace
+url-sanitize-path
+url-strip-
+url-strip-all
+url-strip-auth
+url-strip-fragment
+url-strip-pass
+url-strip-path
+url-strip-port
+url-strip-query
+url-strip-user
+use-gzip
+use-proxy
+user
+user-agent
+useragent
+user-agent-via
+useragent-via
+user-email
+user-id
+user-mail
+user-name
+user-photos
+util
+variant-also-varies
+vary
+verbose
+verbose-throttle
+verify-cert
+version
+version-1-0
+version-1-1
+version-any
+versioncode
+version-none
+version-not-supported
+via
+viad
+wap-connection
+warning
+webodf-member-id
+webodf-session-id
+webodf-session-revision
+web-server-api
+work-directory
+www-address
+www-authenticate
+x
+x-
+x-aastra-expmod1
+x-aastra-expmod2
+x-aastra-expmod3
+x-accel-mapping
+x-access-token
+x-advertiser-id
+x-ajax-real-method
+x-alto-ajax-keyz
+x-amz-date
+x-amzn-remapped-host
+x-amz-website-redirect-location
+x-api-key
+x-api-signature
+x-api-timestamp
+x-apitoken
+x-apple-client-application
+x-apple-store-front
+x-arr-log-id
+x-arr-ssl
+x-att-deviceid
+x-authentication
+x-authentication-key
+x-auth-key
+x-auth-mode
+x-authorization
+xauthorization
+x-auth-password
+x-auth-service-provider
+x-auth-token
+x-auth-user
+x-auth-userid
+x-auth-username
+x-avantgo-screensize
+x-azc-remote-addr
+x-bear-ajax-request
+x-bluecoat-via
+x-bolt-phone-ua
+x-browser-height
+x-browser-width
+x-cascade
+x-cept-encoding
+x-cf-url
+x-chrome-extension
+x-cisco-bbsm-clientip
+x-client-host
+x-client-id
+x-client-ip
+x-clientip
+x-client-key
+x-client-os
+x-client-os-ver
+x-cluster-client-ip
+x-codeception-codecoverage
+x-codeception-codecoverage-config
+x-codeception-codecoverage-debug
+x-codeception-codecoverage-suite
+x-collect-coverage
+x-coming-from
+x-confirm-delete
+x-content-type
+x-content-type-options
+x-credentials-request
+x-csrf-crumb
+x-csrf-token
+x-csrftoken
+x-cuid
+x-custom
+x-dagd-proxy
+x-davical-testcase
+x-dcmguid
+x-debug-test
+x-device-user-agent
+x-dialog
+x-dns-prefetch-control
+x-dokuwiki-do
+x-do-not-track
+x-drestcg
+x-dsid
+x-elgg-apikey
+x-elgg-hmac
+x-elgg-hmac-algo
+x-elgg-nonce
+x-elgg-posthash
+x-elgg-posthash-algo
+x-elgg-time
+x-em-uid
+x-enable-coverage
+x-environment-override
+x-expected-entity-length
+x-experience-api-version
+x-fb-user-remote-addr
+x-file-id
+x-file-name
+x-filename
+x-file-resume
+x-file-size
+x-file-type
+x-firelogger
+x-fireloggerauth
+x-firephp-version
+x-flash-version
+x-flx-consumer-key
+x-flx-consumer-secret
+x-flx-redirect-url
+x-foo
+x-foo-bar
+x-forwarded
+x-forwarded-by
+x-forwarded-for
+x-forwarded-for-original
+x-forwarded-host
+x-forwarded-host~%s.%h
+x-forwarded-port
+x-forwarded-proto
+x-forwarded-protocol
+x-forwarded-scheme
+x-forwarded-server
+x-forwarded-server~%s.%h
+x-forwarded-ssl
+x-forwarded-ssl
+x-forwarder-for
+x-forward-for
+x-forward-proto
+x-from
+x-gb-shared-secret
+x-geoip-country
+x-get-checksum
+x-helpscout-event
+x-helpscout-signature
+x-hgarg-
+x-host
+x-http-destinationurl
+x-http-host-override
+x-http-method
+x-http-method-override
+x-http-path-override
+x-https
+x-http-status-code-override
+x-htx-agent
+x-huawei-userid
+x-hub-signature
+x-if-unmodified-since
+x-imbo-test-config
+x-insight
+x-ip
+x-ip-trail
+x-iwproxy-nesting
+x-jphone-color
+x-jphone-display
+x-jphone-geocode
+x-jphone-msname
+x-jphone-uid
+x-json
+x-kaltura-remote-addr
+x-known-signature
+x-known-username
+x-litmus
+x-litmus-second
+x-locking
+x-machine
+x-mandrill-signature
+x-method-override
+x-mobile-gateway
+x-mobile-ua
+x-mosso-dt
+x-moz
+x-msisdn
+x-ms-policykey
+x-myqee-system-debug
+x-myqee-system-hash
+x-myqee-system-isadmin
+x-myqee-system-isrest
+x-myqee-system-pathinfo
+x-myqee-system-project
+x-myqee-system-rstr
+x-myqee-system-time
+x-network-info
+x-nfsn-https
+x-ning-request-uri
+x-nokia-bearer
+x-nokia-connection-mode
+x-nokia-gateway-id
+x-nokia-ipaddress
+x-nokia-msisdn
+x-nokia-wia-accept-original
+x-nokia-wtls
+x-nuget-apikey
+x-oc-mtime
+xonnection
+x-opera-info
+x-operamini-features
+x-operamini-phone
+x-operamini-phone-ua
+x-options
+x-orange-id
+x-orchestra-scheme
+x-orig-client
+x-original-host
+x-original-http-command
+x-originally-forwarded-for
+x-originally-forwarded-proto
+x-original-remote-addr
+x-original-url
+x-original-url~/%s
+x-original-user-agent
+x-originating-ip
+x-os-prefs
+x-overlay
+x-pagelet-fragment
+x-password
+xpdb-debugger
+x-phabricator-csrf
+x-phpbb-using-plupload
+x-pjax
+x-pjax-container
+x-prototype-version
+xproxy
+x-proxy-url
+x-pswd
+x-purpose
+x-qafoo-profiler
+x-real-ip
+x-remote-addr
+x-remote-protocol
+x-render-partial
+x-request
+x-requested-with
+x-request-id
+x-request-signature
+x-request-start
+x-request-timestamp
+x-response-format
+x-rest-cors
+x-rest-password
+x-rest-username
+x-rewrite-url
+x-rewrite-url~/%s
+xroxy-connection
+x-sakura-forwarded-for
+x-scalr-auth-key
+x-scalr-auth-token
+x-scalr-env-id
+x-scheme
+x-screen-height
+x-screen-width
+x-sendfile-type
+x-serialize
+x-serial-number
+x-server-id
+x-server-name
+x-server-port
+x-signature
+x-sina-proxyuser
+x-skyfire-phone
+x-skyfire-screen
+x-ssl
+x-subdomain
+x-te
+x-teamsite-preremap
+x-test-session-id
+x-tine20-jsonkey
+x-tine20-request-type
+x-tomboy-client
+x-tor
+x-twilio-signature
+x-ua-device
+x-ucbrowser-device-ua
+x-uidh
+x-unique-id
+x-uniquewcid
+x-up-calling-line-id
+x-update
+x-update-range
+x-up-devcap-iscolor
+x-up-devcap-post-charset
+x-up-devcap-screendepth
+x-up-devcap-screenpixels
+x-upload-maxresolution
+x-upload-name
+x-upload-size
+x-upload-type
+x-up-subno
+x-url-scheme
+x-user
+x-user-agent
+x-username
+x-varnish
+x-verify-credentials-authorization
+x-vodafone-3gpdpcontext
+x-wap-clientid
+x-wap-client-sdu-size
+x-wap-gateway
+x-wap-network-client-ip
+x-wap-network-client-msisdn
+x-wap-profile
+x-wap-proxy-cookie
+x-wap-session-id
+x-wap-tod
+x-wap-tod-coded
+x-whatever
+x-wikimedia-debug
+x-wp-nonce
+x-wp-pjax-prefetch
+x-ws-api-key
+x-xc-schema-version
+x-xhprof-debug
+x-xhr-referer
+x-xmlhttprequest
+x-xpid
+xxx-real-ip
+xxxxxxxxxxxxxxx
+x-zikula-ajax-token
+x-zotero-version
+x-ztgo-bearerinfo
+y
+zotero-api-version
+zotero-write-token
diff --git a/Web Cache Deception/README.md b/Web Cache Deception/README.md
index 097c86a..ade7166 100644
--- a/Web Cache Deception/README.md
+++ b/Web Cache Deception/README.md
@@ -54,5 +54,8 @@ Video of the attack by Omer Gil - Web Cache Deception Attack in PayPal Home Page
 * [Web Cache Deception Attack - Omer Gil](http://omergil.blogspot.fr/2017/02/web-cache-deception-attack.html)
 * [Practical Web Cache Poisoning - James Kettle @albinowax](https://portswigger.net/blog/practical-web-cache-poisoning)
-* [Web Caching - SI9INT](https://si9int.sh/article/6)
+* [Web Cache Entanglement: Novel Pathways to Poisoning - James Kettle @albinowax](https://portswigger.net/research/web-cache-entanglement)
 * [Web Cache Deception Attack leads to user info disclosure - Kunal pandey - Feb 25](https://medium.com/@kunal94/web-cache-deception-attack-leads-to-user-info-disclosure-805318f7bb29)
+* [Web cache poisoning - Web Security Academy learning materials](https://portswigger.net/web-security/web-cache-poisoning)
+  - [Exploiting cache design flaws](https://portswigger.net/web-security/web-cache-poisoning/exploiting-design-flaws)
+  - [Exploiting cache implementation flaws](https://portswigger.net/web-security/web-cache-poisoning/exploiting-implementation-flaws)