We're providing a live walkthrough for this lab. Join James Kettle on 15 August at 11AM PT as he solves it using advanced 0.CL request smuggling techniques.
A recording of the session will be published here afterwards.
Lab: 0.CL request smuggling
This lab is vulnerable to 0.CL request smuggling.
Carlos visits the homepage every five seconds. To solve the lab, exploit the vulnerability to execute alert() in his browser.
Required knowledge
This lab is based on real-world vulnerabilities discovered by PortSwigger Research. For full details on 0.CL request smuggling, see the HTTP/1.1 Must Die whitepaper by James Kettle.
