Request smuggling is so cool. Idk why but it’s one of my favorite attacks.
Same, I love this attack. I think it still has so much research potential as well!
@PinkDraconian 💯, James Kettle has some nice material on it. Still a ton left to be uncovered!
Great stuff, as always, mate! I definitely want to look into HTTP smuggling, and HTTP desync, more now. Thanks!
It's a very interesting vulnerability. I was mindblown by it at first!
@PinkDraconian thanks 👍🏼♥️
Very well explained! I earlier read PortSwigger's material about request smuggling, but this video basically clarified a lot of this topic :)
Thanks! Happy to hear that this video helped so much!
Great video dude... I really love these types of attacks, I also prefer not to scan and do most work manually..
Awesome content for cyber security 🔥🔥🔥
Thank you so much!
Loving this channel !!
Aww thanks!
I'm going to send here anyone that DMs me with a HRS false-positive
Thank you! Let's get these false positive reports out of the world!
Informative.
Thank you ! ❤
Glad you enjoyed it!
I needed that pipelining method thank you, hopefully it works out :)
Best of luck!
Great video, keep it up, bro 💜👊
Thank you!
Really good explanation
Thank you Cristi, means a lot coming from you!
Very great, you solved a very difficult puzzle... thanks so much 😍
You are welcome 😊
Very interesting video! 👍🏾 thanks for sharing
Thank you for watching!
I run across a lot of false positives with AWS load balancers.
Good to know! I read about this but wasn't able to reproduce myself. Didn't try for too long tho!
Thank you. I will subscribe.
Thanks for the sub!
I really liked your video. Could you tell me which app you use to create the images? It looks very nice.
Thank you very much. I use the Adobe suite for all images shown.
Hey! This video is great. I had a question. Are specific endpoints of a website vulnerable to HTTP request smuggling, or is a website as a whole vulnerable to HTTP request smuggling?
This vulnerability exists at a lower level than specific endpoints, so it will likely be all endpoints.
Thank you!
Thank you!
Hi, what about servers like S3 (only for statics) under a balancer like F5? Does the vulnerability exist? Thanks
It all depends on the setup and whether the component is vulnerable. www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747/
🔥🔥🔥👍🏼
🧯🚒👩🚒
good stuff <3
Thanks
How we spot the HTTP Request Smuggling Vulne .
There's a great PortSwigger academy article on this!
Great video - I understand the desync aspect but what I don't understand is how this could be exploited. From my current understanding, the worst that could happen is that another user gets the response to the request I smuggled in. For example I request /indext.html and smuggle /404.html. The user that sends the next request will receive my 404 response.
How could this behavior be leveraged to pose any harm outside of a DoS attack - giving as many people as possible 404s?
There are loads of ways of further weaponizing request smuggling. Here's a great article by PortSwigger: portswigger.net/web-security/request-smuggling/exploiting
How old are you, buddy?
I'm 22 :)
Second Comment
Woohoo!
Third Comment!
What an achievement!
Fourth comment
Yahoooooooo! Well done!