Categories: Kali Linux

CRLFMap – A Tool To Find HTTP Splitting Vulnerabilities

CRLFMap is a tool to find HTTP Splitting vulnerabilities.

Why?

  • I wanted to write a tool in Golang for concurrency
  • I wanted to be able to fuzz both parameters and paths

Installation

go get github.com/ryandamour/crlfmap

Help

Available Commands:
help Help about any command
scan A scanner for all your CRLF needs

Flags:
-h, –help help for crlfmap

Scan Usage

crlfmap scan –domains domains.txt –output results.txt
———————————————————————————————
v0.0.1
———————————————————————————————

:: Domains : domains.txt
:: Payloads : payloads.txt
:: Threads : 1
:: Output : results.txt
:: User Agent : Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
:: Timeout : 10
:: Delay : 0
——————————————————————————————————————–
[+]http://localhost:3000/v1/%0AInjected-Header:CRLFInjecttest.json: is Vulnerable
[+]http://localhost:3000/v1/%20%0AInjected-Header:CRLFInjecttest.json: is Vulnerable

R K

Recent Posts

How Does a Firewall Work Step by Step

How Does a Firewall Work Step by Step? What Is a Firewall and How Does…

7 hours ago

ROADTools: The Modern Azure AD Exploration Framework

ROADTools is a powerful framework designed for exploring and interacting with Microsoft Azure Active Directory…

3 days ago

How to Enumerate Microsoft 365 Groups Using PowerShell and Python

Microsoft 365 Groups (also known as M365 Groups or Unified Groups) are at the heart…

3 days ago

SeamlessPass: Using Kerberos Tickets to Access Microsoft 365

SeamlessPass is a specialized tool designed to leverage on-premises Active Directory Kerberos tickets to obtain…

4 days ago

PPLBlade: Advanced Memory Dumping and Obfuscation Tool

PPLBlade is a powerful Protected Process Dumper designed to capture memory from target processes, hide…

5 days ago

HikPwn : Simple Scanner For Hikvision Devices With Basic Vulnerability Scanning

HikPwn: Comprehensive Guide to Scanning Hikvision Devices for Vulnerabilities If you’re searching for an efficient…

5 days ago