This media is not supported in your browser
VIEW IN TELEGRAM
CRLF OneLiner
A simple Bash one liner with aim to automate CRLF vulnerability scanning. This is an extremely helpful and practical One liner for Bug Hunters, which helps you find CRLF missconfiguration in every possible method. Simply replace the links in subdomains.txt with the URL you want to target. This will help you scan for CRLF vulnerability without the need of an external tool. What you have to do is to copy-and-paste the commands into your terminal and finger crossed for any possible CRLF.
Bash OneLiner:
https://raw.githubusercontent.com/kleiton0x00/CRLF-one-liner/master/crlf_payloads.txt
#crlf #bash #oneliner #bugbounty
A simple Bash one liner with aim to automate CRLF vulnerability scanning. This is an extremely helpful and practical One liner for Bug Hunters, which helps you find CRLF missconfiguration in every possible method. Simply replace the links in subdomains.txt with the URL you want to target. This will help you scan for CRLF vulnerability without the need of an external tool. What you have to do is to copy-and-paste the commands into your terminal and finger crossed for any possible CRLF.
Bash OneLiner:
input='CRLF-one-liner/subdomains.txt';while IFS= read -r targets; do cat CRLF-one-liner/crlf_payloads.txt |xargs -I % sh -c "curl -vs --max-time 9 $targets/% 2>&1 |grep -q '< Set-Cookie: ?crlf'&& echo $targets '[+] is vulnerable with payload: '%>>crlf_results.txt||echo '[-] Not vulnerable: '$targets";done<$input
crlf_payloads.txt: https://raw.githubusercontent.com/kleiton0x00/CRLF-one-liner/master/crlf_payloads.txt
#crlf #bash #oneliner #bugbounty
👍1