External/nuclei
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-20 18:45:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
nuclei/docs/template-guide/http/unsafe-http.mdx

39 lines
1.1 KiB
Plaintext
Raw Normal View History

docs migration
2023-08-18 02:43:28 +05:30
---
Added docs for multi + code protocol
2023-10-19 16:12:20 +05:30
title: "Unsafe HTTP"
docs migration
2023-08-18 02:43:28 +05:30
---
Nuclei supports [rawhttp](https://github.com/projectdiscovery/rawhttp) for complete request control and customization allowing **any kind of malformed requests** for issues like HTTP request smuggling, Host header injection, CRLF with malformed characters and more.
**rawhttp** library is disabled by default and can be enabled by including `unsafe: true` in the request block.
Here is an example of HTTP request smuggling detection template using `rawhttp`.
```yaml
http:
- raw:
- |+
POST / HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
Content-Length: 150
Transfer-Encoding: chunked
0
GET /post?postId=5 HTTP/1.1
User-Agent: a"/><script>alert(1)</script>
Content-Type: application/x-www-form-urlencoded
Content-Length: 5
x=1
- |+
GET /post?postId=5 HTTP/1.1
Host: {{Hostname}}
unsafe: true # Enables rawhttp client
matchers:
- type: dsl
dsl:
- 'contains(body, "<script>alert(1)</script>")'
```
Reference in New Issue Copy Permalink