{"id":13539467,"url":"https://github.com/PortSwigger/http-request-smuggler","last_synced_at":"2025-04-02T06:30:58.475Z","repository":{"id":41371380,"uuid":"199670398","full_name":"PortSwigger/http-request-smuggler","owner":"PortSwigger","description":null,"archived":false,"fork":false,"pushed_at":"2025-01-06T13:58:09.000Z","size":146181,"stargazers_count":978,"open_issues_count":11,"forks_count":104,"subscribers_count":27,"default_branch":"master","last_synced_at":"2025-03-31T18:07:18.073Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://portswigger.net/blog/http-desync-attacks","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/PortSwigger.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-07-30T14:41:18.000Z","updated_at":"2025-03-25T07:49:16.000Z","dependencies_parsed_at":"2025-01-19T22:01:39.958Z","dependency_job_id":"5a30eaba-d2fb-460b-931f-cae10c9c4050","html_url":"https://github.com/PortSwigger/http-request-smuggler","commit_stats":{"total_commits":260,"total_committers":7,"mean_commits":"37.142857142857146","dds":"0.30000000000000004","last_synced_commit":"75a40815a944391bfbefe9c8b70faec1fae3ea21"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PortSwigger%2Fhttp-request-smuggler","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PortSwigger%2Fhttp-request-smuggler/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PortSwigger%2Fhttp-request-smuggler/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PortSwigger%2Fhttp-request-smuggler/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/PortSwigger","download_url":"https://codeload.github.com/PortSwigger/http-request-smuggler/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246767728,"owners_count":20830544,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T09:01:26.325Z","updated_at":"2025-04-02T06:30:58.444Z","avatar_url":"https://github.com/PortSwigger.png","language":"Java","readme":"# HTTP Request Smuggler\n\nThis is an extension for Burp Suite designed to help you launch [HTTP Request Smuggling](https://portswigger.net/web-security/request-smuggling) attacks, originally created during [HTTP Desync Attacks](https://portswigger.net/blog/http-desync-attacks-request-smuggling-reborn) research. It supports scanning for Request Smuggling vulnerabilities, and also aids exploitation by handling cumbersome offset-tweaking for you.\n\nThis extension should not be confused with [Burp Suite HTTP Smuggler](https://github.com/nccgroup/BurpSuiteHTTPSmuggler), which uses similar techniques but is focused exclusively bypassing WAFs.\n\n### Install\nThe easiest way to install this is in Burp Suite, via `Extender -\u003e BApp Store`.\n\nIf you prefer to load the jar manually, in Burp Suite (community or pro), use `Extender -\u003e Extensions -\u003e Add` to load `build/libs/http-request-smuggler-all.jar`\n\n### Compile\n[Turbo Intruder](https://github.com/PortSwigger/turbo-intruder) is a dependency of this project, add it to the root of this source tree as `turbo-intruder-all.jar`\n\nBuild using:\n\nLinux: `./gradlew build fatjar`\n\nWindows: `gradlew.bat build fatjar`\n\nGrab the output from `build/libs/desynchronize-all.jar`\n\n### Use\nRight click on a request and click `Launch Smuggle probe`, then watch the extension's output pane under `Extender-\u003eExtensions-\u003eHTTP Request Smuggler`\n\nIf you're using Burp Pro, any findings will also be reported as scan issues.\n\nIf you right click on a request that uses chunked encoding, you'll see another option marked `Launch Smuggle attack`. This will open a Turbo Intruder window in which you can try out various attacks by editing the `prefix` variable.\n\nFor more advanced use watch the [video](https://portswigger.net/blog/http-desync-attacks).\n\n### Practice\n\nWe've released a collection of [free online labs to practise against](https://portswigger.net/web-security/request-smuggling). Here's how to use the tool to solve the first lab - [HTTP request smuggling, basic CL.TE vulnerability](https://portswigger.net/web-security/request-smuggling/lab-basic-cl-te):\n\n1. Use the Extender-\u003eBApp store tab to install the 'HTTP Request Smuggler' extension.\n2. Load the lab homepage, find the request in the proxy history, right click and select 'Launch smuggle probe', then click 'OK'.\n3. Wait for the probe to complete, indicated by 'Completed 1 of 1' appearing in the extension's output tab.\n4. If you're using Burp Suite Pro, find the reported vulnerability in the dashboard and open the first attached request.\n5. If you're using Burp Suite Community, copy the request from the output tab and paste it into the repeater, then complete the 'Target' details on the top right.\n6. Right click on the request and select 'Smuggle attack (CL.TE)'.\n7. Change the value of the 'prefix' variable to 'G', then click 'Attack' and confirm that one response says 'Unrecognised method GPOST'.\n\nBy changing the 'prefix' variable in step 7, you can solve all the labs and virtually every real-world scenario.\n","funding_links":[],"categories":["\u003ca id=\"1233584261c0cd5224b6e90a98cc9a94\"\u003e\u003c/a\u003e渗透\u0026\u0026offensive\u0026\u0026渗透框架\u0026\u0026后渗透框架","Server-side Attacks","Weapons","\u003ca id=\"5dd93fbc2f2ebc8d98672b2d95782af3\"\u003e\u003c/a\u003e工具","\u003ca id=\"d0ee432e093709d25c54688996cb632e\"\u003e\u003c/a\u003eWeb","Pentesting","Java","Tools"],"sub_categories":["\u003ca id=\"39e9a0fe929fffe5721f7d7bb2dae547\"\u003e\u003c/a\u003eBurp","Burpsuite, Caido and ZAP Addons","\u003ca id=\"f0728b8e21e86f04c33b8ff8f12ca55f\"\u003e\u003c/a\u003eHTTP/HTTPS","Payloads"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FPortSwigger%2Fhttp-request-smuggler","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FPortSwigger%2Fhttp-request-smuggler","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FPortSwigger%2Fhttp-request-smuggler/lists"}