Hacker News
by bostik 1652 days ago
How about feeding the magic string via Host header in your requests and then cutting off? You wouldn't even need to establish the full TLS handshake, SNI is sent in the clear, and you would get to hit every single load-balancer and middle box - and everything they send their logs to.

Oh, and WAF rules won't protect you either: https://twitter.com/Rezn0k/status/1469523006015750146