How I Found CRLF in 2 minutes || Easy Bug #1 $$$
👋 Hi, I’m Mehboob Khan, a Computer Science & Engineering graduate (2023). I’m obsessed with understanding how technology ticks and love bypassing logic to uncover hidden vulnerabilities. 🔍💻
As a Certified Ethical Hacker, I thrive in the world of cybersecurity, constantly testing systems and breaking barriers to keep them safe. 🔓⚡️
Think your tech is secure? Think again. I’m the one who finds the weaknesses others miss. 💥
Background
In this article I will show how you can find CRLF injection easily and report it immediately. It does not contain documentation or detailed theory, which is not needed here; the focus is on the practical side only.
What is needed?
- A target or a list of targets (i.e. a file)
- A tool that iterates through payloads and returns a result if the response contains the injected CRLF payload
Bug Intro
When writing in Windows text editors, pressing Enter appends \r\n, which represents a new line. In Linux, \n alone represents a new line. Similarly, in URLs HTTP parses enter /…
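As an added illustration (not code from the original article), the sketch below shows why \r\n matters in HTTP: each header ends at a CRLF, so a value that carries one starts a new header line, and the hardened builder refuses such values. The function names and the sample query value are constructed for this example.

```python
from urllib.parse import unquote

CRLF = "\r\n"

def build_redirect_unsafe(location):
    """Vulnerable form: the decoded value is placed in the header block as-is."""
    return f"HTTP/1.1 302 Found{CRLF}Location: {location}{CRLF}{CRLF}"

def build_redirect_safe(location):
    """Hardened form: refuse any header value that carries CR or LF."""
    if "\r" in location or "\n" in location:
        raise ValueError("CR/LF not allowed in a header value")
    return f"HTTP/1.1 302 Found{CRLF}Location: {location}{CRLF}{CRLF}"

def header_names(raw_response):
    """Read the header block as a client would: one header per CRLF-terminated line."""
    head = raw_response.split(CRLF + CRLF, 1)[0]
    lines = head.split(CRLF)[1:]  # skip the status line
    return [line.split(":", 1)[0] for line in lines if ":" in line]

# Constructed sample: a query-string value with percent-encoded CR (%0d) and LF (%0a).
SAMPLE_QUERY_VALUE = "/home%0d%0aX-Injected:%20demo"

def demo():
    """Return the headers a client sees from the unsafe builder, and whether
    the safe builder rejected the same decoded value."""
    decoded = unquote(SAMPLE_QUERY_VALUE)  # frameworks usually decode before app code runs
    seen = header_names(build_redirect_unsafe(decoded))
    try:
        build_redirect_safe(decoded)
        rejected = False
    except ValueError:
        rejected = True
    return seen, rejected

if __name__ == "__main__":
    seen, rejected = demo()
    print("headers parsed from unsafe response:", seen)
    print("safe builder rejected the value:", rejected)
```

Rejecting the value outright is preferable to stripping characters, since the check then holds regardless of how many decoding passes happened upstream.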