CRLF Injection Playbook
Hello Guys,
Just a rough analysis of publicly disclosed bugs about CRLF injection.
This analysis was done just out of curiosity about learning new things, and I found this topic interesting, so I thought of sharing it with you guys.
I started by reading disclosed reports about CRLF injection on HackerOne Hacktivity. (Some interesting reports will be discussed below.)
Getting Started
Now, what is CRLF?
Line feed = \n (%0a)
Carriage Return = \r (%0d)
Basically, pressing the Enter key produces the combination of carriage return and line feed.
Windows editors mostly use the combination \r\n.
Unix mostly uses \n.
Diggin’ into Injection and Attack Vector
What is CRLF Injection?
A Carriage Return Line Feed (CRLF) Injection vulnerability occurs when an application does not sanitize user input correctly and allows the insertion of carriage returns and line feeds, input which, for many internet protocols, including HTML, denotes line breaks and has special significance.
For example, parsing of an HTTP message relies on CRLF characters (%0D%0A, which decoded represent \r\n) to identify sections of…
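To make the definition above concrete, here is an added example (not from the original post or from any of the disclosed reports) that puts a deliberately unsanitized header builder next to a hardened one, and parses the result the way an HTTP client splits headers on \r\n. The function names, the `next_url` parameter and the `X-Injected` header are assumptions made for illustration, and the inputs are constructed samples.

```python
from urllib.parse import unquote


def build_response_unsafe(next_url):
    """Deliberately vulnerable: decoded user input goes into a header verbatim."""
    return (
        "HTTP/1.1 302 Found\r\n"
        f"Location: {next_url}\r\n"
        "Content-Length: 0\r\n"
        "\r\n"
    ).encode("latin-1")


def build_response_safe(next_url):
    """Hardened: reject CR or LF before the value can reach a header line.

    Both characters are checked on their own, because some parsers also
    accept a bare \\n as a line terminator.
    """
    if "\r" in next_url or "\n" in next_url:
        raise ValueError("CR/LF not allowed in header value")
    return build_response_unsafe(next_url)


def parse_header_names(raw):
    """Split the message head on CRLF, as an HTTP parser does; return header names."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    header_lines = head.split("\r\n")[1:]  # drop the status line
    return [line.split(":", 1)[0] for line in header_lines]


# Constructed inputs: the web framework has already URL-decoded the parameter.
BENIGN = unquote("/home")
CRAFTED = unquote("/home%0d%0aX-Injected: 1")

if __name__ == "__main__":
    # One Location header was intended; the decoded \r\n creates a second line.
    print(parse_header_names(build_response_unsafe(BENIGN)))
    print(parse_header_names(build_response_unsafe(CRAFTED)))
    try:
        build_response_safe(CRAFTED)
    except ValueError as exc:
        print("rejected:", exc)
```

Modern frameworks and HTTP libraries usually perform this CR/LF rejection themselves when a header is set, so the check matters most in code that assembles raw protocol lines by hand.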