PortSwigger / http-request-smuggler

https://portswigger.net/blog/http-desync-attacks

I have some problems. Can you give me some advice? #16

Closed yiKnife closed 5 years ago

yiKnife commented 5 years ago

I read your article and I know how to test request smuggling. But according to your method, you send an attacker's request and then send a large number of victim's requests. But when I send a large number of victim's requests, there are some problems. When I use Request Smuggler (TE.CL) and Turbo Intruder, it simply sends a large number of attacker's requests.

I sent an attacker request like this: [image: 3_LI]

When I put this request in the Repeater module, it returned 200 OK. But when I attacked: [image: 4_LI]

I can't get the 404 result I want, because all requests are repeated attacker requests; none of them are normal requests. I was really confused. What should I do? How should I use this extension?

albinowax commented 5 years ago

The 'Smuggle attack' option is designed to be used on a synced response (i.e. not an attack). This means the input request should probably look like:

Transfer-Encoding: chunked-or-something
Content-Length: 5

0

I recommend trying out the labs if you haven't already: https://portswigger.net/web-security/request-smuggling
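Why the request in the reply above counts as synced, shown as an added example (not code from the issue, the article or the extension): it computes where the body ends under Content-Length and under chunked parsing and reports whether the two agree. The function names, the `example.test` host and both sample requests are constructed; the parser assumes no chunk trailers and treats the body as chunked whatever the Transfer-Encoding value says.

```python
CRLF = b"\r\n"

def split_request(raw: bytes):
    """Return (headers dict with lower-cased names, body bytes)."""
    head, sep, body = raw.partition(CRLF + CRLF)
    if not sep:
        raise ValueError("no header/body separator")
    headers = {}
    for line in head.split(CRLF)[1:]:          # skip the request line
        name, _, value = line.partition(b":")
        headers[name.strip().lower()] = value.strip()
    return headers, body

def chunked_end(body: bytes) -> int:
    """Offset just past the terminating 0-size chunk, as a chunked parser sees it."""
    pos = 0
    while True:
        eol = body.find(CRLF, pos)
        if eol < 0:
            raise ValueError("unterminated chunk-size line")
        size = int(body[pos:eol].split(b";")[0], 16)   # ignore chunk extensions
        pos = eol + 2
        if size == 0:
            if body[pos:pos + 2] != CRLF:              # assumption: no trailers
                raise ValueError("missing final CRLF")
            return pos + 2
        pos += size
        if body[pos:pos + 2] != CRLF:
            raise ValueError("chunk data not followed by CRLF")
        pos += 2

def boundaries(raw: bytes) -> dict:
    """Compare the body end seen by a Content-Length parser and a chunked parser."""
    headers, body = split_request(raw)
    cl_end = int(headers[b"content-length"])
    te_end = chunked_end(body)
    return {"content_length_end": cl_end, "chunked_end": te_end,
            "synced": cl_end == te_end == len(body)}

HEAD = b"POST / HTTP/1.1\r\nHost: example.test\r\nTransfer-Encoding: chunked\r\n"
# Constructed sample matching the reply: "0\r\n\r\n" is exactly 5 bytes.
BASELINE = HEAD + b"Content-Length: 5\r\n\r\n0\r\n\r\n"
# Constructed sample where the two lengths disagree (not a synced request).
MISMATCH = HEAD + b"Content-Length: 3\r\n\r\n0\r\n\r\n"

if __name__ == "__main__":
    for label, req in (("baseline", BASELINE), ("mismatch", MISMATCH)):
        print(label, boundaries(req))
```

For the baseline both parsers stop at offset 5, so a front end and back end that disagree on which header to honour still see the same single request.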