CGI and Signature
Bookmarked!This exercise covers the exploitation of a vulnerable CGI.
In this exercise, we delve into a common issue in the handling of CGI scripts, inspired by the HTTPoxy vulnerability. HTTPoxy is a vulnerability where the HTTP header named "Proxy" is not properly filtered, leading to the creation of an environment variable named HTTP_PROXY. This allows attackers to manipulate HTTP clients embedded within web applications to use their malicious proxy, potentially intercepting HTTP traffic.
The exercise guides participants through generating a malicious JWT, signing it with HMAC, and using an HTTP header to override the environment variable HTTP_KEY with the JWT's signing key. This manipulation causes the application to trust the attacker’s JWT, thereby bypassing authentication. By completing this challenge, participants will gain a deeper understanding of how CGI vulnerabilities can be exploited to compromise web applications.