HTTP/2 – Page 2 – WindowsTechs.com

Decrypting Data field of HTTP2 packet in Wireshark

Posted on June 10, 2022 by UserIT

I have pcap file that consists of HTTP/2 requests. Communication between two machines used basically done through Encryption using JSON Web Encryption (JWE) and encapsulate and encapsulates the resulting JWE object into a HTTP/2 message (a… Continue reading Decrypting Data field of HTTP2 packet in Wireshark→

What are NGINX reverseproxy users doing to prevent HTTP Request smuggling?

Posted on December 9, 2021 by Sai Vishnu

Since NGINX does not support sending HTTP/2 requests upstream, what are the present NGINX reverseproxy users doing to mitigate HTTP Request Smuggling vulnerability?
I understand that the best way to prevent HTTP Request Smuggling is by sen… Continue reading What are NGINX reverseproxy users doing to prevent HTTP Request smuggling?→

Timeless timing attacks and response jitter

Posted on February 22, 2021 by wade king

I’ve been researching timeless timing attacks, ie: timing attacks using concurrency rather than round trip time. Here is an article by portswigger with links to the original article by Van Goethem. Basically it says that if you pack two re… Continue reading Timeless timing attacks and response jitter→

Capturing Decrypted TLS Traffic with Arkime

Posted on December 1, 2020 by Erik Hjelmvik

The latest version of Arkime (The Sniffer Formerly Known As Moloch) can now be fed with a real-time stream of decrypted HTTPS traffic from PolarProxy. All that is needed to enable this feature is to include ‘pcapReadMethod=pcap-over-ip-server’ in Arkim… Continue reading Capturing Decrypted TLS Traffic with Arkime→

Nessus Plugin "HTTP Smuggling Detection" failing due to support for http/1.1 – how to overcome?

Posted on September 25, 2020 by B Robster

A new Nessus plugin (140735 – HTTP Smuggling Detection) was very recently incorporated into Tenable’s PCI template and is now beeing flagged as a "medium" vulnerability and causing scans to fail.
The only info in the scan report … Continue reading Nessus Plugin "HTTP Smuggling Detection" failing due to support for http/1.1 – how to overcome?→

Does HTTP/2 prevent security vulnerabilites like CRLF injection?

Posted on July 23, 2020 by Dipesh Sunrait

Which vulnerabilites does HTTP/2 prevent?
More specifically:

Does it prevent HTTP request smuggling?
Does it prevent HTTP response splitting / CRLF injection?

Continue reading Does HTTP/2 prevent security vulnerabilites like CRLF injection?→

Is there any point in having the HSTS header enabled when using HTTP/2?

Posted on February 18, 2020 by user96649

As a protection against attacks such as SSLstrip, the HSTS header prevents an attacker from downgrading a connection from HTTPS to HTTP, as long as the attributes of the header are properly configured.

However, HTTP/2, whilst not making e… Continue reading Is there any point in having the HSTS header enabled when using HTTP/2?→

Multiple HTTP/2 DoS flaws found by Netflix

Posted on August 19, 2019 by Danny Bradbury

Netflix has identified several denial of service (DoS) flaws in HTTP/2, a popular network protocol that underpins large parts of the web. Exploiting them could bring servers grinding to a halt. Continue reading Multiple HTTP/2 DoS flaws found by Netflix→

PolarProxy Released

Posted on June 21, 2019 by Erik Hjelmvik

I’m very proud to announce the release of PolarProxy today! PolarProxy is a transparent TLS proxy that decrypts and re-encrypts TLS traffic while also generating a PCAP file containing the decrypted traffic. PolarProxy enables you to do lots of things … Continue reading PolarProxy Released→

Interpreting SSLLabs Handshake simulation results

Posted on March 26, 2019 by Pankaj Singhal

While testing SSL/TLS details on ssllabs.com for a website, the Handshake Simulation part contains:

TLS 1.2 > http/1.1
TLS 1.2 > h2

For eg:

What do these things mean? I couldn’t find it anywhere.

Continue reading Interpreting SSLLabs Handshake simulation results→