added null byte to web cache deception

Hackmanit · Feb 9, 2024 · 8a52b8b · 8a52b8b
1 parent d773d4b
commit 8a52b8b
Showing 1 changed file with 10 additions and 9 deletions.
diff --git a/pkg/deception.go b/pkg/deception.go
@@ -17,15 +17,16 @@ func TestWebCacheDeception() reportResult {
 
 	// cacheable extensions: class, css, jar, js, jpg, jpeg, gif, ico, png, bmp, pict, csv, doc, docx, xls, xlsx, ps, pdf, pls, ppt, pptx, tif, tiff, ttf, otf, webp, woff, woff2, svg, svgz, eot, eps, ejs, swf, torrent, midi, mid
 	appendings := []string{
-		"/.css",
-		"/nonexistent.css",
-		"/../nonexistent.css",
-		"/%2e%2e/nonexistent.css",
-		"%0Anonexistent.css",
-		"%3Bnonexistent.css",
-		"%23nonexistent.css",
-		"%3Fname = valnonexistent.css",
-		"&name=valnonexistent.css",
+		"/.css",                        // Path parameter
+		"/nonexistent.css",             // Path parameter
+		"/../nonexistent.css",          // Path traversal
+		"/%2e%2e/nonexistent.css",      // Encoded path traversal
+		"%0Anonexistent.css",           // Encoded Newline
+		"%00nonexistent.css",           // Encoded Newline
+		"%3Bnonexistent.css",           // Encoded Semicolon
+		"%23nonexistent.css",           // Encoded Pound
+		"%3Fname = valnonexistent.css", // Encoded Question Mark
+		"%26name=valnonexistent.css",   // Encoded Ampersand
 	}
 
 	PrintVerbose("Testing for Web Cache Deception\n", NoColor, 1)