Improve CRLF attack tests

hhucn / webvulnscan

automated web application vulnerability scanner

MIT License

38 stars 27 forks source link

Improve CRLF attack tests #58

Closed phihag closed 11 years ago

phihag commented 11 years ago

The current CRLF attack test isn't actually vulnerable to the attack, but just simulates what would happen statically. Instead, use a real vulnerable site as a test case (maybe add a task to vulnsrv as well?).

phihag commented 11 years ago

This has been fixed in c3c5ea0c8eefb445885dbd2b99272b5887cd2201 .