HTTP Response Splitting

70 Points  

Old vulnerability... but powerful !

Author

Arod,  

Level  Difficulty

Validations

355 Challengers 1%

Note  Notation

1
2
3
4
5
77 Votes
To reach this part of the site please login

Solution 1 Solution

Display solutions Submit a solution

Challenge Results Challenge Results

Pseudo Challenge Lang date
skopsko   HTTP Response Splitting fr 17 October 2018 at 18:22
cladff10   HTTP Response Splitting fr 17 October 2018 at 13:12
Petitoto   HTTP Response Splitting fr 10 October 2018 at 20:00
Jomar   HTTP Response Splitting fr 10 October 2018 at 19:15
BZHugs   HTTP Response Splitting fr 5 October 2018 at 14:39
10function   HTTP Response Splitting fr 2 October 2018 at 18:28
ouioui   HTTP Response Splitting fr 2 October 2018 at 14:42
ninjaconcombre   HTTP Response Splitting fr 26 September 2018 at 11:57
tuxvador   HTTP Response Splitting fr 23 September 2018 at 19:32
Benoit Esnard   HTTP Response Splitting en 21 September 2018 at 17:11

Challenges associated with this section 19 Challenges

Results Challenge's Name Validations Number of points  Explanation for the scores Difficulty  Difficulty Author Note  Notation Solution
pas_valide HTML - disabled buttons 23% 22330 5 Final 7
pas_valide Javascript - Authentication 43% 42209 5 g0uZ 8
pas_valide Javascript - Source 42% 40764 5 g0uZ 4
pas_valide Javascript - Authentication 2 37% 36287 10 na5sim 2
pas_valide Javascript - Obfuscation 1 37% 35679 10 Hel0ck 5
pas_valide Javascript - Obfuscation 2 32% 30787 10 Hel0ck 5
pas_valide Javascript - Native code 22% 21038 15 g0uZ 5
pas_valide Javascript - Obfuscation 3 18% 17054 30 Hel0ck 5
pas_valide XSS - Stored 1 10% 9752 30 g0uZ 8
pas_valide CSRF - 0 protection 5% 4847 35 sambecks 6
pas_valide Flash - Authentication 3% 2158 40 koma 1
pas_valide CSRF - token bypass 2% 1484 45 sambecks 7
pas_valide XSS - Reflected 1% 406 45 pickle 3
pas_valide Javascript - Obfuscation 4 3% 2345 50 aaSSfxxx 1
pas_valide XSS - Stored 2 3% 2500 50 g0uZ 5
pas_valide HTTP Response Splitting 1% 355 70 Arod 1
pas_valide Javascript - Obfuscation 5 1% 293 70 Hel0ck 3
pas_valide XSS - Stored - filter bypass 1% 389 80 Arod, sambecks 4
pas_valide XSS - DOM Based 1% 169 85 vic511 2