Overview
Syllabus
Intro
Outline
Web Application Architecture
What is Header Smuggling?
Mutation examples: Identity
Mutation examples: Space before colon
Mutation examples: Header name junk
Methodology Aims
Methodology Example
Generate a Back-End Error
Base Request Comparison: a valid value in the mutated header produces the same result
Error Comparison
Guess Headers
AWS Cognito Partial Rate Limit Bypass
Cache Poisoning With API Gateway
What happens when we introduce a cache?
Detecting CL.CL Request Smuggling
The Bug
Generate the First Error
Defences
References
Taught by
Black Hat