webPromedium
Контрабанда (Smuggling)
hackerlab
Task: Access hidden virtual host on nginx server. Solution: HTTP pipelining attack - send two requests in single TCP connection, first to public site, second to hidden vhost wallets.cdb discovered via email hint in source code.
$ ls tags/ techniques/
socket_programmingnginxhttp_request_smugglinghttp_pipeliningvirtual_hosthost_headertcp_connection_reusehidden_vhost
HTTP Pipelining (multiple requests in single TCP connection)Virtual host enumeration via Host headerHidden virtual host access via connection reuseSource code analysis for domain hints
🔒
Permission denied (requires tier.pro)
Sign in to access full writeups
Sign in with GitHub to continue. No email required.
$sign in$ grep --similar
Similar writeups
- [pentest][Pro]SSL— hackerlab
- [web][Pro]Commentary— scarlet
- [pentest][Pro]Чайная кружка— hackerlab
- [web][Pro]Безопасное хранилище (Secure Storage)— hackerlab
- [web][Pro]Biba and Boba— miptctf