[web][Pro][medium]
Lab 375 — PageFlow — Web Cache Deception via Path Normalization
hackadvisor
Task: a collaborative wiki platform sits behind an nginx reverse proxy with aggressive caching, and an admin bot visits user-submitted URLs. Solution: web cache deception. Appending a .css extension to /api/auth/session tricks nginx into caching the admin's authenticated session response, after which the cached credentials can be retrieved.
$ ls tags/ techniques/
tags: nginx, express, admin_bot, reverse_proxy, path_normalization, cache_deception, session_leak, anti_bot_decoys, extension_based_caching
techniques: web_cache_deception, extension_suffix_cache_bypass, path_normalization_desync, admin_bot_cache_priming, proxy_ignore_headers_abuse, anti_honeypot_awareness
Similar writeups
- [web][Pro] Lab 156 — IntegraFlow — Path Traversal via Double URL Encoding — hackadvisor
- [web][Pro] SyncSphere — Web Cache Deception via URL Parser Inconsistency — hackadvisor
- [web][Pro] Lab 160 — WikiForge — Nginx Alias Path Traversal — hackadvisor
- [web][Pro] Lab 275 — GatewayPulse — Proxy ACL Bypass via Path Case Normalization — hackadvisor
- [web][Pro] board_of_secrets — miptctf