CRLF Injection Overview

CRLF Injection is typically used in HTTP Response Splitting. In the HTTP specification there is a spec stating that the HTTP header is to be split from the data portion of the packet. This formatting split is defined by a carriage return and line feed, or called a \r\n.

Basically by injection a \r\n somewhere in the HTTP header you can split an HTTP packet into 2 different packets. 1 packet will have the malicious payload, while the other packet holds the valid information. HTTP Response Splitting is a vulnerability in the HTTP spec and as such a web server or proxy server will need to know how to handle and protect against these types of attacks and vulnerabilities.

HTTP Response Splitting can lead to the follow types of vulnerabilites.

* XSS or Cross Site Sripting vulnerabilites
* Proxy and web server cache poisoning
* Web site defacement
* Hijacking the client’s session
* Client web browser poisoning

Explore More

FBI Fears Chinese Hackers and/or Government Agents Have Back Door Into US Government & Military Computer Networks

ome months ago, my contacts in the defense industry had alerted me to a startling development that has escalated to the point of near-panick in nearly all corners of Government

Read More

Several avast sites were defaces

Last month, eight sites at once well-known anti-virus solutions avast!  Were defaces: http://www.avast.co.za/ (mirror; date: 2010-01-22 15:06:28) http://awast.org/ (mirror; date: 2010-02-18 18:57:27) http://www.avast.de/ (mirror; date: 2010-02-18 18:58:01) http://shop.avast.de/ (mirror; date:

Read More

Critical SQL Injection in Planet Myannar Website and Forum

PlanetCreator has reported another critical SQL Injection (vulnerability) on  Planet Myannar Website and Forum http://www.planet.com.mm/ Powered by Inforithm-Maze. SQL injection is a code injection technique that exploits a security vulnerability

Read More