
Questions tagged [http]

Definition: HTTP, the Hypertext Transfer Protocol, is the standard by which web browsers and servers communicate. Its definition is a technical specification of a network protocol that software must implement. HTTP is an application-layer protocol: HTTP/1.1 and HTTP/2 run over TCP, HTTP/3 over QUIC. HTTP clients (such as web browsers) and servers exchange the protocol's two message types, requests and responses; a request names a method such as GET, POST or HEAD, and a response carries a status code.
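As an added illustration of the message layout described in the tag wiki (not code from the wiki itself), the block below serialises an HTTP/1.1 request and parses either message type back into its start line, header fields and body. All sample messages are constructed here; the two rejection rules it applies (no CR/LF inside a header field, no conflicting Content-Length) are the ones HTTP/1.1 parsers must enforce to avoid header injection and request smuggling.

```python
"""Added example, not part of the tag wiki: build and parse HTTP/1.1
messages to show the two message types (request, response) and the common
start-line / header-fields / body layout. Sample messages are constructed here."""
from dataclasses import dataclass, field


@dataclass
class HttpMessage:
    start_line: str                               # request-line or status-line
    headers: dict = field(default_factory=dict)   # lower-cased field names
    body: bytes = b""

    @property
    def kind(self) -> str:
        # A status-line begins with the protocol version; a request-line
        # begins with the method (GET, POST, HEAD, ...).
        return "response" if self.start_line.startswith("HTTP/") else "request"


def build_request(method: str, target: str, headers=None, body: bytes = b"") -> bytes:
    """Serialise a request. Refuses CR/LF in field names or values, since a
    CRLF inside a value would terminate the field and inject a new one."""
    fields = dict(headers or {})
    if body and "Content-Length" not in fields:
        fields["Content-Length"] = str(len(body))
    lines = [f"{method} {target} HTTP/1.1"]
    for name, value in fields.items():
        if any(c in name or c in value for c in "\r\n"):
            raise ValueError(f"CR/LF not allowed in header field {name!r}")
        lines.append(f"{name}: {value}")
    return ("\r\n".join(lines) + "\r\n\r\n").encode("ascii") + body


def parse_message(raw: bytes) -> HttpMessage:
    """Parse one complete HTTP/1.1 message (request or response)."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete message: end of header section not found")
    lines = head.decode("iso-8859-1").split("\r\n")
    headers: dict = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon or not name or name != name.strip():
            # RFC 9112: no whitespace around the field name before the colon.
            raise ValueError(f"malformed header field: {line!r}")
        name, value = name.lower(), value.strip()
        if name in headers:
            if name == "content-length":
                # Conflicting lengths are the classic request-smuggling lever;
                # reject the message rather than pick one of them.
                raise ValueError("duplicate Content-Length")
            value = headers[name] + ", " + value  # list-valued fields combine
        headers[name] = value
    if "content-length" in headers:
        declared = int(headers["content-length"])
        if declared != len(body):
            raise ValueError(f"Content-Length {declared} != body length {len(body)}")
    return HttpMessage(lines[0], headers, body)


# Constructed sample response, as a server would send it.
SAMPLE_RESPONSE = (b"HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\n"
                   b"Content-Length: 2\r\n\r\nhi")

if __name__ == "__main__":
    req = build_request("POST", "/login", {"Host": "example.test"}, b"user=a&pass=b")
    print(req.decode("ascii"))
    print(parse_message(req))
    print(parse_message(SAMPLE_RESPONSE))
```

The parser is deliberately strict: real servers that tolerate whitespace before the colon, or that silently take the first or last of two Content-Length fields, are exactly the ones that disagree with the proxy in front of them.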

1 vote
2 answers
43 views

Should an HTTP error 500 triggered by an XSS payload be reported as a potential vulnerability?

So, long story short, I was using an automated vulnerability scanner on a website (bounty hunting is allowed and encouraged), and it works by injecting payloads in forms and URLs etc., to trigger ...
asked by security_paranoid
1 vote
0 answers
35 views

Trying to send a POST request using curl to a HTB machine

I'm trying to perform an SSRF attack on a Hack The Box machine (editorial.htb). I'm trying to send a POST request using curl with the command curl --data "hckyou.txt" -X POST http://...
asked by urim260
19 votes
4 answers
8k views

HTTP: how likely are you to be compromised by using it just once?

My question is, if somebody, today, in 2024, sent a password or a credit card number to some random HTTP website just once, how likely is that password or credit card number to be found on a hacker ...
asked by SteveT
1 vote
2 answers
109 views

CSRF Prevention Using Signed Cookies And Custom Headers

Recently I was reading about CSRF prevention techniques like Synchronizer Token, Cookie-to-header, and Double Submit Cookie. Cookie-to-header is good for websites using a lot of JavaScript, e.g. SPAs, ...
asked by Omar Ahmed
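The "signed double-submit cookie plus custom header" combination the question above refers to, as an added example that is not code from the post. The server key, the session identifier and the cookie/header names (`csrf`, `X-CSRF-Token`) are assumptions made here for illustration.

```python
"""Added example, not from the question: a double-submit CSRF token that is
HMAC-signed and bound to the session, checked against a custom request header.
SERVER_KEY, the session id and the cookie/header names are assumptions."""
import hashlib
import hmac
import secrets

SERVER_KEY = b"replace-with-32-random-bytes-per-deployment"  # assumption


def _sign(session_id: str, nonce: str) -> str:
    # Binding the token to the session id defeats "cookie tossing": a token
    # planted from a sibling subdomain for some other session will not verify.
    msg = f"{session_id}:{nonce}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_csrf_token(session_id: str) -> str:
    """Value to set in the (non-HttpOnly) csrf cookie after login."""
    nonce = secrets.token_hex(16)
    return f"{nonce}.{_sign(session_id, nonce)}"


def verify_csrf(session_id: str, cookie_token, header_token) -> bool:
    # 1. Both copies must be present. A cross-site <form> post sends the
    #    cookie automatically but cannot add a custom header; only
    #    same-origin JavaScript that can read the cookie can do that.
    if not cookie_token or not header_token:
        return False
    # 2. Header copy must equal the cookie copy (the double submit).
    if not hmac.compare_digest(cookie_token, header_token):
        return False
    # 3. The cookie must carry a valid signature for *this* session, so an
    #    attacker cannot simply invent a matching pair and toss it in.
    nonce, dot, sig = cookie_token.partition(".")
    if not dot:
        return False
    return hmac.compare_digest(sig, _sign(session_id, nonce))


def handle_state_change(session_id: str, cookies: dict, headers: dict) -> int:
    """Simulated state-changing endpoint; returns the HTTP status it would send."""
    if verify_csrf(session_id, cookies.get("csrf"), headers.get("X-CSRF-Token")):
        return 200
    return 403


if __name__ == "__main__":
    sid = "sess-1"
    tok = issue_csrf_token(sid)
    print(handle_state_change(sid, {"csrf": tok}, {"X-CSRF-Token": tok}))  # legitimate XHR
    print(handle_state_change(sid, {"csrf": tok}, {}))                     # cross-site form post
```

The csrf cookie cannot be HttpOnly, because the SPA has to read it to copy it into the header; it should still be Secure and SameSite, and the session cookie stays HttpOnly so the token never doubles as a credential.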
1 vote
1 answer
55 views

What are the risks of using HTTP when capturing open events on an email?

I want to configure a custom domain for open and click tracking in Amazon Simple Email Service (SES). However, I've encountered a limitation where Amazon SES only allows HTTPS domains for tracking ...
asked by dandaman12
1 vote
1 answer
55 views

Does the CORS asterisk / wildcard include both encrypted and unencrypted origins?

Does the CORS asterisk / wildcard (*) include both encrypted (https) and unencrypted origins (http)? And is the null origin (i.e., when a local file is doing an xmlhttprequest, or within an iframe ...
asked by Booger21
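As an added example (not from the question) of how the wildcard behaves in practice, the function below computes the CORS response headers a server would emit for a given Origin request header. The browser compares the Origin value byte-for-byte with Access-Control-Allow-Origin, so the scheme is part of the match in an explicit allowlist, whereas a literal `*` matches whatever Origin the browser sent, http, https or the string `null`. The origins used are constructed for illustration.

```python
"""Added example, not from the question: server-side CORS header selection
showing what the "*" wildcard does and does not cover. Origins are constructed."""


def cors_headers(request_origin, allowlist, allow_credentials=False) -> dict:
    """Return the CORS response headers for a request carrying `request_origin`.

    allowlist: the string "*" or a set of exact origins such as
    "https://app.test" or "http://app.test:8080". Scheme, host and port are all
    part of the comparison: https://app.test and http://app.test are different.
    """
    if request_origin is None:
        return {}  # no Origin header: same-origin navigation, nothing to add

    if allowlist == "*":
        if allow_credentials:
            # Browsers reject "*" on a credentialed response, so this
            # combination is a misconfiguration rather than a policy.
            raise ValueError('"*" cannot be combined with credentials; use an explicit allowlist')
        # "*" is accepted by the browser regardless of the Origin value:
        # http://, https://, and the literal "null" (sandboxed iframes,
        # file:// pages, data: documents) all pass.
        return {"Access-Control-Allow-Origin": "*"}

    if request_origin == "null":
        # Never echo "null": any sandboxed iframe or data: document on any site
        # presents that origin, so allowing it is equivalent to allowing all.
        return {}

    if request_origin not in allowlist:
        return {}

    headers = {
        "Access-Control-Allow-Origin": request_origin,
        "Vary": "Origin",  # caches must not serve one origin's answer to another
    }
    if allow_credentials:
        headers["Access-Control-Allow-Credentials"] = "true"
    return headers


if __name__ == "__main__":
    for origin in ("http://app.test", "https://app.test", "null"):
        print(origin, "->", cors_headers(origin, "*"))
        print(origin, "->", cors_headers(origin, {"https://app.test"}, allow_credentials=True))
```

The practical consequence for the question: a public, credential-free resource can safely use `*` for any scheme, but the moment cookies or Authorization headers are involved the server must list exact https origins and vary on Origin.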
1 vote
1 answer
83 views

Execution profile for web server

I would like to know if there is a way to run an app to exhaustion in terms of all possible outcomes that it can provide. What do I mean by that: Let's assume that someone has an (Apache) HTTP Server. ...
asked by und3rd06012
0 votes
0 answers
116 views

Bettercap not detecting HTTPS websites (?)

The built-in sslstripping feature (http.proxy.sslstrip) in bettercap is not working against HTTPS websites. In this issue I will be using cygwin.com and winzip.com as examples; as we can see they are ...
asked by LuckyCoder3607
1 vote
1 answer
65 views

Command Injection in URLs. Are response codes a foolproof indicator of a true/false positive?

Take this HTTP request as an example. GET /directory/blahblah/ping%20interact.sh Say this request receives any 3xx, 4xx, 5xx HTTP response code. Is it likely or even possible that a backend web server ...
asked by jakechowder
0 votes
0 answers
69 views

Overcoming Middleware: Exploiting XSS to Retrieve Data

I am attempting to perform an XSS attack on my server and have successfully bypassed the CSP. In my server code, I store all users in the following manner: .get("/users", adminReq, (req, ...
asked by EPiez
0 votes
0 answers
33 views

Is it possible to see HTTPS traffic without intercepting? (With a copy of the traffic) [duplicate]

I have a WAF solution that can work both inline and out-of-band. And we want to try the OOB option first. And possibly want to see HTTPS traffic as well. But the vendor says if we want to see the ...
asked by Sjomann
0 votes
2 answers
75 views

Is there a way to exploit / make an exploit scenario for header-based reflected XSS?

I've found a reflected XSS, but the problem is that the attack vector is the header (any header). Is there a way to develop an exploit scenario based on this?
asked by 0xdead 4f
1 vote
2 answers
67 views

Preventing Data Tampering in HTTPS Requests: Safeguarding User-Initiated Donations

Could a Man-in-the-Middle (MITM) attack compromise the integrity of user-initiated transactions over HTTPS? Specifically, if a user selects an amount to donate on a website, is it possible for a ...
asked by user23570085
0 votes
3 answers
718 views

Using HTTP header to transmit client certificate for mTLS

My client says their API traffic must take the path WAF -> Custom Firewall -> Backend API. Also, mTLS must be terminated after the traffic has gone through the network appliance. I have created ...
asked by chriaass
0 votes
1 answer
177 views

CRLF in HTTP/2 header value

I am attempting to inject a carriage-return + newline in a HTTP request header value. My understanding is that this is possible with HTTP/2 and HTTP/3. However, when I send a request with Burp I get ...
asked by Sjoerd
