1. Welcome to PHCorner Forums. Take a moment to Sign up and gain unlimited access and extra privileges that guests are not entitled to, such as:

    All that and more! Registration is quick, simple and absolutely free. Join our community today!

Different config http injector

Discussion in 'Free Internet Tricks' started by jkevin10, Aug 8, 2016.

  1. Method, there are a lot of methods but that is often used is
    - GET
    - HEAD
    - POST
    - DELETE
    - TRACE
    - CONNECT
    - etc
    Average using GET or HEAD
    Line, there are four types of line that can be used are:
    [Cr] = Carriage Return, U + 000D
    [Lf] = Line Feed, U + 000A
    [Crlf] = CR (U + 000D) followed by LF (U + 000A)
    [Lfcr] = LF (U + 000A) followed by CR (U + 000D)
    [Crlf] [crlf] = To indicate the end of the HTTP header
    Average - Average use [CRLF]
    Protocol version there are three - HTTP/2.0
    - HTTP/1.1
    - HTTP/1.0
    HTTP/1.1 usually in BUG while HTTP/1.0 the protocol to SSH. Depending on the type
    Connection Typethere are two
    [realData] = connection at the end to have a 2 LINE [crlf][crlf]
    For example, if using SSH = CONNECT ipssh:portssh HTTP/1.0[crlf][crlf]
    Depending on the type of connection
    [NetData] = connection at the end DO NOT HAVE LINE. And fortunately usually used to add other payload such as Host: bug.com, Connection: Kee-Alive, etc.
    For example, if using SSH = CONNECT ipssh: portssh HTTP/1.0
    And if it was followed by the BUG then =
    CONNECT ipssh:portssh HTTP/1.0[crlf]Host: bug.com [crlf][crlf]
    Depending on the type of connection. And if in follow Bug then added 1 new LINE followed BUG and ends 2 LINE
    Method Inject divided into 3 types:
    - Normal
    - Front Inject
    - Back Inject
    - Front Query
    - Back Query
    The contents of the request to be sent
    - Normal
    Which means that the connection is placed at the beginning and then followed by the bug payload with 1 LINE [crlf]
    Example 1 = [netData]
    [crlf] Host: bug.com
    [crlf][crlf]
    OR
    Example 2 = CONNECT ipssh:portssh HTTP/1.0 [crlf] Host: bug.com [crlf][crlf]
    Green = SSH connections consist of METHOD ip and port with protocol version HTTP / 1.0
    Line = [crlf]
    Red = Bug
    - Front Inject front means
    So the bug was placed in front of the next follow connection (ssh / vpn / direct it depends)
    Example 1 = GET
    Please or Register to view links
    HTTP/1.1 [crlf]Host: bug.com [crlf][crlf]
    [realData]
    OR
    Example 2 = GET
    Please or Register to view links
    HTTP/1.1 [crlf]Host: bug.com [crlf][crlf] CONNECT ipssh: portssh HTTP/1.0[crlf][crlf]
    Method = GET
    Red = Bug
    Protocol version = HTTP/1.1
    Line = [crlf]
    Blue = connection
    - Back meaning behind
    So the first connection (ssh / vpn / direct dependent) then follow bug
    Example 1 =
    [realData] GET Please or Register to view links
    HTTP/1.1 [crlf]Host: bug.com [crlf][crlf]
    OR
    Example 2 = CONNECT ipssh:portssh HTTP/1.0[crlf][crlf] GET
    Please or Register to view links
    HTTP/1.1 [crlf]Host: bug.com [crlf][crlf]
    Blue = connection
    Method = GET
    Red = Bug
    Protocol version = HTTP/1.1
    Line = [crlf]
    - Front Query
    This means that there are bugs that slipped in front of the connection later in the end @
    Example = CONNECT query.com@ ipssh:portssh HTTP/1.0[crlf][crlf] GET Please or Register to view links
    HTTP/1.1 [crlf]Host: bug.com [crlf][crlf]
    Blue = connection
    Black = Query
    Method = GET
    Red = Bug
    Protocol version = HTTP/1.1
    Line = [crlf]
    Query usually the same as the bug itself
    - Back Query
    This means that there Bug tucked behind a connection that begins @
    Example = CONNECT ipssh:portssh @query.com HTTP/1.0[crlf][crlf] GET Please or Register to view links
    HTTP/1.1 [crlf]Host: bug.com [crlf][crlf]
    Blue = connection
    Black = Query
    Method = GET
    Red = Bug
    Protocol version = HTTP/1.1
    Line = [crlf]
    Query usually the same as the bug itself
    Replace
    Replace is replacing a specific response in order to connect the bias current. And most often, namely replacing to 200 OK
    Example Response =
    - 302 to 200 OK
    Replace Found
    - 400 Bad Request
    Replace to 200 OK
    - Etc
    Payload
    There are many types of payload. Inject the start time may not appear too using payload. But because security is tight then we also need a payload.
    example:
    - Host: bug.com
    - X-Online-Host: bug.com
    - X-Forward-Host: bug.com
    - X-Forwarded-For: bug.com
    - Connection: Keep-Alive or Close
    - Proxy-Connection: Keep-Alive or Close
    - Content-Type: * / *
    - Content-Length: 0 or 1024 or another one
    - And many more
    Proxy and Port
    The use of proxy and proxy port could use the original operator.
    Proxies can also use public or Squid Proxy from VPS with port 80/8000/8080/3128 / etc mouthful can be invited to the free internet.


    Sino nosebleed? Haha.
    sna naintindihan nyo :) Thanks.

    Kevin™
     
    jansjy and arcobaleno like this.
  2. Banjamstrawhat

    Banjamstrawhat Addict Established

  3. Rukia

    Rukia Enthusiast Established

  4. arcobaleno

    arcobaleno Addict Established

Tags / Keywords: