Sökning: onr:"swepub:oai:DiVA.org:kth-305562" >
Attacking Websites ...
Attacking Websites Using HTTP Request Smuggling : Empirical Testing of Servers and Proxies
-
- Grenfeldt, Mattias (författare)
- KTH,Nätverk och systemteknik,Software Systems Architecture and Security
-
- Olofsson, Asta (författare)
- KTH,Nätverk och systemteknik,Software Systems Architecture and Security
-
- Engström, Viktor (författare)
- KTH,Nätverk och systemteknik,Software Systems Architecture and Security
-
visa fler...
-
- Lagerström, Robert, 1981- (författare)
- KTH,Nätverk och systemteknik,Software Systems Architecture and Security
-
visa färre...
-
(creator_code:org_t)
- Institute of Electrical and Electronics Engineers (IEEE), 2021
- 2021
- Engelska.
-
Ingår i: 2021 IEEE 25th International Enterprise Distributed Object Computing Conference (EDOC). - : Institute of Electrical and Electronics Engineers (IEEE). ; , s. 173-181
- Relaterad länk:
-
https://ieeexplore.i...
-
visa fler...
-
https://urn.kb.se/re...
-
https://doi.org/10.1...
-
visa färre...
Abstract
Ämnesord
Stäng
- Securing web servers and proxies is critical for enterprise networks. Such Internet-facing systems make up a significant portion of the remote attack surface and, thus, serve as prime targets. HTTP Request Smuggling (HRS) is a vulnerability that arises when web servers and proxies interpret the length of a single HTTP request differently. In this study, empirical testing was used to find parsing behaviors that could lead to HRS in six popular proxies and six servers. A literature study was conducted to compile a corpus containing requests adopting all known HRS techniques and different variations. A test harness was built to enable the automatic sending of requests and recording of responses. The responses were then manually analyzed to identify behaviors vulnerable to HRS. In total, 19 vulnerable behaviors were found, and by combining the proxies with the servers, two almost full and four full attacks could be performed. At least one behavior that went against the HTTP specification was found in every system tested. However, not all of these behaviors enabled HRS. In conclusion, most proxies had strict parsing and did not accept requests that could lead to HRS. The servers, however, were not so strict.
Ämnesord
- NATURVETENSKAP -- Data- och informationsvetenskap -- Datavetenskap (hsv//swe)
- NATURAL SCIENCES -- Computer and Information Sciences -- Computer Sciences (hsv//eng)
Nyckelord
- Cyber attack
- HTTP Request smuggling
- website
- server
- proxy
- Computer Science
- Datalogi
Publikations- och innehållstyp
- ref (ämneskategori)
- kon (ämneskategori)