image Get the whitepaper, toolkits & remediation guides → http1mustdie.com

Lab: 0.CL request smuggling

This lab is vulnerable to 0.CL request smuggling.

Carlos visits the homepage every five seconds. To solve the lab, exploit the vulnerability to execute alert() in his browser.

Required knowledge

This lab is based on real-world vulnerabilities discovered by PortSwigger Research. For full details on 0.CL request smuggling, see the HTTP/1.1 Must Die whitepaper by James Kettle.

Solution

Livestream with James Kettle