Artemis icon indicating copy to clipboard operation
Artemis copied to clipboard

Published 20 hours ago verified publisher icon CERT-Polska

Test for HTTP Request Smuggling

Open kazet opened this issue 1 year ago • 4 comments

kazet avatar Apr 19 '23 08:04 kazet

Do you think that it will be sufficient to check if server uses HTTP 1.1 since this attack is possible for that protocol version only?

moarcode avatar Jul 21 '23 07:07 moarcode

In my opinion this won't be sufficient because there is plenty of HTTP 1.1 servers that are not vulnerable to this attack, therefore such a check would have a large percentage of false positives

kazet avatar Jul 22 '23 21:07 kazet

I think there is no sane reason to keep HTTP 1.1 if there is version 2.0 which cuts this vulnerability off, but you are right, not all HTTP 1.1 servers are vulnerable. I will try to find a solution to identify HTTP Request Smuggling attack, however, I think it is worth to implement check if HTTP runs on 1.1 version and recommend switching to 2.0.

moarcode avatar Jul 24 '23 14:07 moarcode

if possible, implementing a Nuclei template is a better idea than an Artemis module

kazet avatar Oct 30 '23 10:10 kazet