This tool is designed to help you launch HTTP Request Smuggling attacks and was originally created during the HTTP Desync Attacks research. It supports scanning for Request Smuggling vulnerabilities and aids exploitation by handling cumbersome offset-tweaking for you. Turbo Intruder is a dependency of this tool. Research: https://portswigger.net/research/http-desync-attacks-request-smuggling-reborn
Confirm "Turbo Intruder" is installed (it is a requirement)
Extender > BApp Store > HTTP Request Smuggler > Select "Install"
Because it is hard to find a target to run this on for example's sake, I will be doing the PortSwigger challenge labs.
(3) Basic Usage
Right-click on the domain > Select "Launch Smuggle probe"
Wait for response(s) in the Issues box.
(4) LAB: HTTP request smuggling, basic CL.TE vulnerability (front-end server doesn't support chunked encoding)
This lab involves a front-end and back-end server, and the front-end server doesn't support chunked encoding. The front-end server rejects requests that aren't using the GET or POST method.
To solve the lab, smuggle a request to the back-end server so that the next request processed by the back-end server appears to use the method GPOST.
Looking at the results of the Smuggle probe:
Right-Click inside the "Request" > Select "Send to Repeater"
Add "G" to the request and select "Send". The first time, you will see:
Submit the request again (selecting "Send"), and this time you will see the following error as a result.
You see this error message because the "G" from the previous request was carried over into the next request (a desync attack). The back-end effectively received the request below, and the server doesn't recognize GPOST as an HTTP method.
Whenever you attempt any type of attack, make sure you are fully aware of what the attack is doing. Please take the time to read over the following documentation and watch the videos explaining what is happening.
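The carry-over described above can be reproduced offline with two toy parsers, one that trusts Content-Length (the front-end) and one that trusts Transfer-Encoding (the back-end). This is an added example, not part of the original post or of the tool; the request bytes, the host lab.example and all function names are constructed for illustration.

```python
# Constructed sample requests (hypothetical host; not captured from the lab).
SMUGGLE = (b"POST / HTTP/1.1\r\nHost: lab.example\r\n"
           b"Content-Length: 6\r\nTransfer-Encoding: chunked\r\n\r\n"
           b"0\r\n\r\nG")
NEXT = b"POST / HTTP/1.1\r\nHost: lab.example\r\nContent-Length: 0\r\n\r\n"

def split_head(stream):
    """Return (request line, lower-cased header dict, bytes after the blank line)."""
    head, _, rest = stream.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers[name.strip().lower()] = value.strip().lower()
    return lines[0], headers, rest

def frontend_forward(stream):
    """Front-end with no chunked support: body length comes from Content-Length."""
    _, headers, rest = split_head(stream)
    end = len(stream) - len(rest) + int(headers.get(b"content-length", b"0"))
    return stream[:end]

def backend_consume(stream):
    """Back-end that prefers chunked: return (request line, unread leftover bytes)."""
    request_line, headers, rest = split_head(stream)
    if headers.get(b"transfer-encoding") == b"chunked":
        while True:
            size_line, _, rest = rest.partition(b"\r\n")
            size = int(size_line, 16)
            rest = rest[size + 2:]  # skip chunk data plus CRLF (size 0: final CRLF)
            if size == 0:           # zero-size chunk ends the body
                break
    else:
        rest = rest[int(headers.get(b"content-length", b"0")):]
    return request_line, rest

def is_ambiguous(stream):
    """Mitigation check: both length headers present, so hops may disagree."""
    _, headers, _ = split_head(stream)
    return b"content-length" in headers and b"transfer-encoding" in headers

def demo():
    _, leftover = backend_consume(frontend_forward(SMUGGLE))
    # The leftover stays in the back-end's buffer and prefixes the next request.
    poisoned_line, _ = backend_consume(leftover + frontend_forward(NEXT))
    return leftover, poisoned_line

if __name__ == "__main__":
    print(demo())
    print(is_ambiguous(SMUGGLE), is_ambiguous(NEXT))
```

A front-end that rejects or normalizes any request for which `is_ambiguous` is true removes the disagreement between the two hops that this lab relies on.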