Inside hacker solution | CVE-2019-20372 PoC | NGINX http request smuggling

#NGINX http request smuggling : cve-2019-20372 NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

Reference : https://bertjwregeer.keybase.pub/2019-12-10%20-%20error_page%20request%20smuggling.pdf

Vulnmachines​​ – Place for Pentesters
Vulnmachines is online cyber security training platform with a massive number of labs, allowing individuals, students, cyber professionals, companies, universities and all kinds of organizations around the world to enhance their practical skills with Real-world enterprise scenarios.

Visit : https://www.vulnmachines.com​​​​​

TheSecOps Group : The SecOps Group is founded by industry veterans. We have over 15 years of experience in providing cyber security consultancy and have worked with some of the largest blue chip companies. Being an independent boutique company, we enable our customers to continuously identify and assess their security postures and provide advice in securing against the adversaries.

Our team regularly speaks at international conferences (including Black Hat, Defcon, HITB, and OWASP Appsec). We pride ourselves in hiring the best talent and our passion is to stay up-to-date with the latest in the world of ethical hacking.

For business : https://secops.group/

Follow us
Twitter : https://www.twitter.com/vulnmachines
Facebook : https://www.fb.com/vulnmachines​​​​
LinkedIn : https://linkedin.com/company/vulnmachines

#infosec #cybersecurity #cyber #pentesting #cve #exploit #django #pentest #bugbounty #bugbountytips #vulnerability #information #owasptop10

nginx vulnerability
nginx hrs
what is http request smuggling
nginx http request smuggling