The Web Application Hacker’s Handbook Discovering and Exploiting Security Flaws

For each potentially vulnerable instance in which user-controllable input

Download 5,76 Mb.

Pdf ko'rish

bet	743/875
Sana	01.01.2022
Hajmi	5,76 Mb.
	#293004

1 ... 739 740 741 742 743 744 745 746 ... 875

Bog'liq
3794 1008 4334

For each potentially vulnerable instance in which user-controllable input

is copied into an HTTP header, verify whether the application accepts

data containing URL-encoded carriage-return (

%0d

) and line-feed (

%0a

)

characters, and whether these are returned unsanitized in its response.

■

Note that you are looking for the actual newline characters themselves to

appear in the server’s response, not their URL-encoded equivalents. If

you view the response in an intercepting proxy, you should actually see

an additional line in the HTTP headers if the attack was successful.

■

If only one of the two newline characters is returned in the server’s

responses, it may still be possible to craft a working exploit, depending

on the context.

■

Download 5,76 Mb.

Do'stlaringiz bilan baham:

1 ... 739 740 741 742 743 744 745 746 ... 875