🔰 CRLF Vulnerability

• CRLF stands for "Carriage Return, Line Feed." It is a sequence of two characters used to signify the end of a line of text in many computer systems.

• How It Occurs

A CRLF injection vulnerability occurs when an attacker is able to inject a CRLF sequence into an application, often by manipulating input that is not properly validated

This can allow the attacker to alter the behavior of the application

• Way To Protect CRLF Vulnerability

To protect against CRLF injection attacks, it is important to properly validate and sanitize all user input.

This can help to ensure that malicious input is not able to be injected into the application.

#bugbounty #Infosec #penetrationtesting #hacking #bugbountytips

A new Vulnerable Web Application by
@PortSwiggerRes

Gin & Juice Shop: https://ginandjuice.shop

Here are some tips for finding CRLF (Carriage Return Line Feed) vulnerability:

1️⃣: Look for places where user input is reflected in the HTTP response header. CRLF vulnerabilities often arise when user input is injected into the header without being properly sanitized.

2️⃣: Try injecting CRLF characters into user input fields to see if they are reflected in the header. For example, you might try inputting a string like "foo%0D%0Abar" into a search field and see if "foo" and "bar" appear as separate lines in the header.

3️⃣: Use a tool like Burp Suite to intercept and modify HTTP requests. This can make it easier to inject CRLF characters and analyze the resulting header.

4️⃣: Pay attention to the content of the header and how it changes based on your input. Look for patterns or anomalies that might indicate a CRLF vulnerability.

5️⃣: Keep in mind that CRLF vulnerabilities can be used to perform a variety of attacks, including HTTP response splitting, header injection, and cache poisoning.

If you suspect that a CRLF vulnerability is present, be sure to thoroughly test and understand its potential impact.

#bugbounty #infosec #cybersecurity #hacking

Best Way to Find Clint-Side Bugs

https://bugbountyguide.org/2022/12/10/best-way-to-find-clint-side-bugs/

🟢 Tricks to bypass CSRF-protection

Link: https://2017.zeronights.org/wp-content/uploads/materials/ZN17_MikhailEgorov%20_Neat_tricks_to_bypass_CSRF_protection.pdf

BUGOUNTY TIP

Getting a 403 error?
Try appending %2e after the first slash!

https://host.com/path = 403 FORBIDDEN
https://host.com/%2e/path = 200 0K

@rez__

When using WayBackUrls, use below Regex
to find parameterized URL(s):

\/[A-Za-z0-9.-][a-z]\?.*=

My Malicious File Upload Checklist

https://aacle.notion.site/Malicious-File-Upload-Checklist-3cd2b85ff7494efdac47d646b98cdce4

#bugbounty #infosec

🎯 HTTPZines

All About HTTP and Its role

https://securityzines.com/zines/http.html

#bugbounty #Infosec #hacking #penetrationtesting #cybersecurity

In JS (==) convert both values in the same type. In this case Empty String and Empty Array both are boolean value of false
So, they evaluate as equal

Undefined is not a reserved keyword

In js array, it ignore last ,

If a string is not empty == will convert it into boolean value of true so they both are equal 😊

Type of f is undefined and we are adding typeof f to 1
So it is
"1undefined"