Attacking Websites Using HTTP Request Smuggling : Empirical Testing of Servers and Proxies

Grenfeldt, Mattias; Olofsson, Asta; Engström, Viktor; Lagerström, Robert

kth.se

Enkelt søk

Avansert søk -
Forskningspublikasjoner Avansert søk -
Studentoppgaver Statistikk

English Svenska Norsk

Endre søk

Referera ExporteraLink to record

Permanent link

https://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-305562

Direct link

http://kth.diva-portal.org/smash/record.jsf?pid=diva2:1616442

Referera

Referensformat

apa
ieee
modern-language-association-8th-edition
vancouver
Annet format

Fler format

Språk

de-DE
en-GB
en-US
fi-FI
nn-NO
nn-NB
sv-SE
Annet språk

Fler språk

Utmatningsformat

html
text
asciidoc
rtf

Attacking Websites Using HTTP Request Smuggling: Empirical Testing of Servers and Proxies

Grenfeldt, Mattias

KTH, Skolan för elektroteknik och datavetenskap (EECS), Datavetenskap, Nätverk och systemteknik. (Software Systems Architecture and Security)

Olofsson, Asta

KTH, Skolan för elektroteknik och datavetenskap (EECS), Datavetenskap, Nätverk och systemteknik. (Software Systems Architecture and Security)

Engström, Viktor

KTH, Skolan för elektroteknik och datavetenskap (EECS), Datavetenskap, Nätverk och systemteknik. (Software Systems Architecture and Security)ORCID-id: 0000-0002-6762-3662

Lagerström, Robert

KTH, Skolan för elektroteknik och datavetenskap (EECS), Datavetenskap, Nätverk och systemteknik. (Software Systems Architecture and Security)ORCID-id: 0000-0003-3089-3885

2021 (engelsk)Inngår i: 2021 IEEE 25th International Enterprise Distributed Object Computing Conference (EDOC), Institute of Electrical and Electronics Engineers (IEEE) , 2021, s. 173-181Konferansepaper, Publicerat paper (Fagfellevurdert)

Abstract [en]

Securing web servers and proxies is critical for enterprise networks. Such Internet-facing systems make up a significant portion of the remote attack surface and, thus, serve as prime targets. HTTP Request Smuggling (HRS) is a vulnerability that arises when web servers and proxies interpret the length of a single HTTP request differently. In this study, empirical testing was used to find parsing behaviors that could lead to HRS in six popular proxies and six servers. A literature study was conducted to compile a corpus containing requests adopting all known HRS techniques and different variations. A test harness was built to enable the automatic sending of requests and recording of responses. The responses were then manually analyzed to identify behaviors vulnerable to HRS. In total, 19 vulnerable behaviors were found, and by combining the proxies with the servers, two almost full and four full attacks could be performed. At least one behavior that went against the HTTP specification was found in every system tested. However, not all of these behaviors enabled HRS. In conclusion, most proxies had strict parsing and did not accept requests that could lead to HRS. The servers, however, were not so strict.

sted, utgiver, år, opplag, sider

Institute of Electrical and Electronics Engineers (IEEE) , 2021. s. 173-181

Emneord [en]

Cyber attack, HTTP Request smuggling, website, server, proxy

HSV kategori

Forskningsprogram

Datalogi

Identifikatorer

URN: urn:nbn:se:kth:diva-305562DOI: 10.1109/EDOC52215.2021.00028ISI: 000748896900018Scopus ID: 2-s2.0-85123637074OAI: oai:DiVA.org:kth-305562DiVA, id: diva2:1616442

Konferanse

International Conference on Enterprise Distributed Object Computing (EDOC), 25-29 Oct. 2021, Gold Coast, Australia

Merknad

QC 20220225

Tilgjengelig fra: 2021-12-02 Laget: 2021-12-02 Sist oppdatert: 2022-06-25bibliografisk kontrollert

Open Access i DiVA

Fulltekst mangler i DiVA

Andre lenker

Forlagets fulltekstScopushttps://ieeexplore.ieee.org/document/9626191

Person

Grenfeldt, Mattias Olofsson, Asta Engström, Viktor Lagerström, Robert

Søk i DiVA

Av forfatter/redaktør

Grenfeldt, Mattias Olofsson, Asta Engström, Viktor Lagerström, Robert

Av organisasjonen

Om emnet

Søk utenfor DiVA

Google Google Scholar

doi

urn-nbn

Totalt: 295 treff