https://github.com/safebreach-labs/hrs

https://github.com/safebreach-labs/hrs

Last synced: 14 days ago
JSON representation

• Host: GitHub
• URL: https://github.com/safebreach-labs/hrs
• Owner: SafeBreach-Labs
• License: bsd-3-clause
• Created: 2020-07-13T19:12:36.000Z (almost 5 years ago)
• Default Branch: master
• Last Pushed: 2020-07-20T14:39:04.000Z (almost 5 years ago)
• Last Synced: 2025-03-28T18:55:16.670Z (about 1 month ago)
• Language: Perl
• Size: 5.86 KB
• Stars: 49
• Watchers: 4
• Forks: 8
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# HRS 

## Author: Amit Klein, Safebreach.

HTTP Request Smuggling demonstration Perl script, for variants 1, 2 and 5 in my BlackHat US 2020 paper [HTTP Request Smuggling in 2020](https://www.blackhat.com/us-20/briefings/schedule/#http-request-smuggling-in---new-variants-new-defenses-and-new-challenges-20019). 

Running:

smuggle.pl host port variant(1/2/5) POST_path target_path poison_path

Examples:

- Variant 1 (Header SP junk):

smuggle.pl www.example.com 80 1 /hello.php /welcome.html /poison.html

- Variant 2 (Header SP junk + Wait):

smuggle.pl www.example.com 80 2 /hello.php /welcome.html /poison.html

- Variant 5 (CR Header + Wait):

smuggle.pl www.example.com 80 5 /hello.php /welcome.html /poison.html