HTTP Header Abuse using CRLF Injection
This test examines the vulnerability of CRLF injection in HTTP headers, specifically focusing on the manipulation of query parameters through the abuse of line breaks.
How this template works
The API selection filters in this template are used to extract the query parameter key and value from the request. It uses a regular expression to match any character for the query parameter key and extracts it as "query_key". The query parameter value is extracted as "query_value".
The execute section of the template specifies the type of request to be executed, which in this case is a single request. The request is modified using the "modify_query_param" action, where the query_key is replaced with the query_value followed by "%0Aakto-header%3aakto-value". This modification adds a new query parameter "akto-header" with the value "akto-value" to the request.
The validation section checks the response headers of the executed request. It uses the "for_one" filter to validate that the response contains a header with the key "akto-header" and the value "akto-value". If the validation fails, an error will be raised.
Frequently asked questions
What is CRLF injection in the context of HTTP headers
How can CRLF injection be exploited to defeat security mechanisms
What are the potential impacts of CRLF injections
How can CRLF injections be used to exploit cross-site scripting vulnerabilities
What are some examples of security restrictions that can be deactivated using CRLF injections
How does CRLF injection impact the OWASP Top 10 and HackerOne Top 10 vulnerabilities