标签 ‘Injection’ 下的日志

HTTP Header Injection

Author : Psiczn
Website: www.psiczn.uni.cc
Contact: [email protected]
Note : If you are going to post this little paper in some site please put the source and the author, this paper have copyright.

This paper is only for educational purposes

Well I was looking my Blogspot and I saw something very bad, all the post sucks there is no a good one, so I make the decision to make a good one. First sorry if my English is not good I’m constantly practice. Ok let’s start with this little paper, what do you think when you see a page with a upload option ? Yes everybody think there is maybe a very nice bug for me. There are different ways to bypass the upload, you can change the name of the file like this “file.php.jpg” but the majority of the administrators or webmasters fix that bug because is so popular. But we are gonna talk about the bypass in the headers, there are a lot of vulnerable pages and this is a bug of high risk.
阅读全文 »

Tags: