Update CRLFInjection.bcheck

PortSwigger · Mar 7, 2024 · 4d17f27 · 4d17f27
1 parent 7994a71
commit 4d17f27
Showing 1 changed file with 5 additions and 5 deletions.
diff --git a/vulnerability-classes/injection/CRLFInjection.bcheck b/vulnerability-classes/injection/CRLFInjection.bcheck
@@ -1,20 +1,20 @@
 metadata:
-    language: v1-beta
+    language: v2-beta
     name: "CRLF Injection"
     description: "Checks for CRLF Injection"
     author: "0xGodson_"
 
 define:
-  crlf_payload = `%0d%0aX-TEST-Header:%20{random_str(13)}%0d%0a`
+    nonce = `{random_str(13)}`
 
 given request then
     send request called crlf:
-        appending path: {crlf_payload}
+        appending path: `%0d%0aX-TEST-Header:%20{nonce}%0d%0a`
 
-    if "x-test-header" in {to_lower({crlf.response.headers})} then
+    if `x-test-header: {to_lower({nonce})}` in {to_lower({crlf.response.headers})} then
         report issue:
             severity: low
             confidence: certain
             detail: "The application is vulnerable to CRLF Injection."
             remediation: "Strip any newline characters before passing content into the HTTP header."
-		end if
+    end if