Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling
Tags
Common Information
| Type | Value |
|---|---|
| UUID | c4320923-fd3d-4b40-bb0d-72b3f723c206 |
| Fingerprint | 971409d94d635a9d |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Aug. 10, 2022, 6 p.m. |
| Added to db | Jan. 18, 2023, 10:10 p.m. |
| Last updated | Nov. 17, 2024, 9:42 p.m. |
| Headline | Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling |
| Title | Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling |
| Detected Hints/Tags/Attributes | 91/1/45 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://portswigger.net/research/browser-powered-desync-attacks |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 4 | cve-2022-20713 |
|
| Details | CVE | 1 | cve-2022-23959 |
|
| Details | CVE | 5 | cve-2022-22720 |
|
| Details | Domain | 295 | amazon.com |
|
| Details | Domain | 831 | example.com |
|
| Details | Domain | 3 | psres.net |
|
| Details | Domain | 6 | te.cl |
|
| Details | Domain | 2 | h2.cl |
|
| Details | Domain | 87 | www.amazon.com |
|
| Details | Domain | 2 | attacker.net |
|
| Details | Domain | 2 | intranet.example.com |
|
| Details | Domain | 14 | oastify.com |
|
| Details | Domain | 1 | www.capitalone.ca |
|
| Details | Domain | 1 | capitalone.ca |
|
| Details | Domain | 28 | date.now |
|
| Details | Domain | 17 | verisign.com |
|
| Details | Domain | 10 | www.verisign.com |
|
| Details | Domain | 3 | input.name |
|
| Details | Domain | 52 | window.open |
|
| Details | File | 75 | favicon.ico |
|
| Details | File | 258 | robots.txt |
|
| Details | File | 816 | index.html |
|
| Details | File | 4 | logon.html |
|
| Details | File | 1 | win.js |
|
| Details | File | 1 | x.ps |
|
| Details | File | 1 | aze.html |
|
| Details | File | 1 | appletredirect.js |
|
| Details | File | 1 | ds_1234cb049586a32ce264fd67d524d7271e4affc0e377d7aede9db4be17f57fc1.css |
|
| Details | File | 2 | footerbg.gif |
|
| Details | File | 21 | req.url |
|
| Details | IPv4 | 1 | 34.255.5.242 |
|
| Details | Url | 1 | https://psres.net/reset?k=secret |
|
| Details | Url | 1 | https://attacker.net/? |
|
| Details | Url | 51 | https://example.com |
|
| Details | Url | 1 | https://www.capitalone.ca/assets |
|
| Details | Url | 1 | https://www.capitalone.ca |
|
| Details | Url | 1 | https://psres.net/+webvpn+/index.html |
|
| Details | Url | 1 | https://redacted/+cscoe+/win.js |
|
| Details | Url | 1 | https://redacted/+cscoe+/logon.html |
|
| Details | Url | 1 | https://www.verisign.com/ |
|
| Details | Url | 1 | https://www.verisign.com/robots.txt |
|
| Details | Url | 1 | https://vpn.redacted/robots.txt |
|
| Details | Url | 1 | https://vpn.redacted/dana-na/meeting/meeting_testjs.cgi?cb="+date.now |
|
| Details | Url | 1 | https://vpn.redacted/dana-na/css/ds_1234cb049586a32ce264fd67d524d7271e4affc0e377d7aede9db4be17f57fc1.css |
|
| Details | Url | 1 | https://x.psres.net:6082/redirect?'+"h".repeat |