HTTP request smuggling

“HTTP Request Smuggling (“HRS”) is a new hacking technique that targets HTTP devices. Indeed, whenever HTTP requests originating from a client pass through more than one entity that parses them, there is a good chance that these entities are vulnerable to HRS.
HRS sends multiple, specially crafted HTTP requests that cause the two attacked devices to see differen sets of requests, allowing the hacker to smuggle a request to one device without the other device being aware of it.”



~ by Balle on July 7, 2007.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: