Lab: HTTP request smuggling, confirming a CL.TE vulnerability via differential responses
This lab involves a front-end and back-end server, and the front-end server doesn't support chunked encoding.
To solve the lab, smuggle a request to the back-end server, so that a subsequent request for
/ (the web root) triggers a 404 Not Found response.
Using Burp Repeater, issue the following request twice:
POST / HTTP/1.1
GET /404 HTTP/1.1
The second request should receive an HTTP 404 response.