• EN
Solved

Question of the day 13/09, Cybersecurity Edition

  • 14 September 2022
  • 6 comments
  • 45 views
marcofabbri
Userlevel 7
Badge +13

Day 11

What type of webserver attack adds more data to the response header sent to client browser?

  • DNS Poisoning
  • Cross Site Scripting
  • Path Traversal
  • SOAP attack
  • HTTP response splitting
icon

Best answer by mkevenaar 14 September 2022, 07:50

View original
Backups are like pizza, I love them. | Linkedin: @marco-fabbri-it

6 comments

mkevenaar
Userlevel 7
Badge +14

HTTP response splitting

Maurice Kevenaar |Veeam Vanguard 2020-2024 | Veeam Legend 2023-2024 | Twitter: @mkevenaar | Mastodon: @mkevenaar@masto.nu - https://masto.nu/@mkevenaar | Blog: https://kevenaar.name | Join the Veeam Community Hackathon: https://veeamhackathon.com/sign-up
Mildur
Userlevel 7
Badge +12

I believe „Cross Site Scripting“.

The other names doesn‘t make sense to me :)

Product Management Analyst @ Veeam Software
JMeixner
Userlevel 7
Badge +17

HTTP response splitting

With this more data is added to a HTTP response header

Jochen (Joe) Meixner | Veeam Vanguard 2024 | Veeam Legend 2021 - 2023 | Veeam Certified Architect (VMCA) 2022 | Twitter: @JoMeix | BlueSky: @jmeixner.bsky.social
dips
Userlevel 7
Badge +7

HTTP Response Splitting

Dipen N. K. | IT Security Specialist | Veeam Legend 2022 - 2023 | www.dipen.co.uk
Chris.Childerhose
Userlevel 7
Badge +20

HTTP Response Splitting

Chris Childerhose - VMCA2022 | VMCE2023 | Veeam Vanguard 7* | Veeam Legend 3* | vExpert 5* | VCAP-DCV/VCP-DCV | Object First Ace | Cisco Champion | Twitter: @cchilderhose | Blog Site – https://just-virtualization.tech
marcofabbri
Userlevel 7
Badge +13

HTTP response splitting is the good one!

By inserting, in the right place in the header of the HTTP response, some carriage return (\r) and a linefeed (\n), client will process the packet in a different way as it conceived.

Here’s an example:
 

 

Backups are like pizza, I love them. | Linkedin: @marco-fabbri-it

Comment


Terms & Conditions