In-depth solution to the PortSwigger lab "Exploiting HTTP request smuggling to bypass front-end security controls, CL.TE vulnerability".
👀 Check out playlist https://www.youtube.com/playlist?list=PLGb2cDlBWRUX1_7RAIjRkZDYgAB3VbUSw for all my solutions to the HTTP Request Smuggling labs from PortSwigger.
Try it yourself:
https://portswigger.net/web-security/request-smuggling/exploiting/lab-bypass-front-end-controls-cl-te
Timestamps:
00:00 - Intro
00:23 - Set up an Attack Request and a Normal Request
02:07 - Trigger a Differential Response
02:26 - Why we add a Request Header
03:29 - Try and smuggle a GET request for /admin
03:50 - Work around 'Admin Interface only for local users'
04:24 - Why we get a Duplicate Header names error
04:54 - How to fix the duplicate host header
05:37 - Why we need to set a Content-Length
06:30 - What is the minimum Content Length?
